Feel Good About Your Network
IDsec Limited
31-33 College Road
Harrow, Middlesex
HA1 1EJ
United Kingdom (Map)
T: 020 8861 2001
F: 020 8861 3433
www.idsec.co.uk
Copyright © 2008
IDsec Ltd
5.08
Superwalk Plus builds on our standard service by providing a regular written analysis. This bridges the gap between automated scans and manual penetration testing.
In an ideal world it would be possible for system managers to commission regular, traditional penetration tests as well as sign up to an automated external scanning service. After all, both approaches have a lot to offer. Manual testing by experienced practitioners is undeniably more thorough, and takes advantage of the intuition and depth of knowledge that machines just can't provide. On the other hand, automation means that Internet-facing systems can be probed much more frequently, increasing the chance that any flaws will be detected before they are exploited by an intruder.

In the real world, with restricted budgets and short timescales, there is a need to bring the two together: focusing on the things that need immediate attention, but keeping the detailed results for the times when they are needed. All this, of course, without undue expense.
At regular intervals agreed with the client, typically weekly or monthly, our network security consultants examine the latest results generated automatically by the standard Superwalk service and compare them with those used for the previous report. We then produce a written commentary on significant changes. This is, of course, based directly on the results obtained, but it also draws on our accumulated knowledge of the client's gateway, awareness of the latest threats present in the world at large, information on Superwalk internals, and any relevant research that is needed.

As with any analysis of this type, some effort is put into eliminating the false positives that crop up and making sure that there is real evidence for any assertion made. In some cases it is also possible to distil a number of first-level findings into a single real security issue: some apparent holes are consequences of one underlying weakness, so that fixing a single vulnerability would cause a number of others to disappear.

Finally, we make it clear when an apparent change has been caused by a new release of our scanning software rather than by anything happening at the client's end. After all, although a hole is a hole, it is important to know whether it was introduced by a specific action on the part of the administrators or simply was not detectable before.
Each report includes details of:
- hosts that have appeared or disappeared
- changes in the services offered by existing hosts
- vulnerabilities that are new or have gone away
- changes in software version revealed by services
- any differences in the networking or system information offered
plus our prima facie view of the importance of the changes.
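The comparison that such a commentary rests on, shown as an added example (this is illustration code, not IDsec's Superwalk software): it diffs two constructed scan snapshots into the change categories listed above, attaches a caveat to findings that may only be newly detectable because the scanner itself changed between runs, collapses several new findings on one service into a single item with a probable common root cause, and orders the output by a prima facie view of importance. The snapshot layout, the IP addresses, the banners and the FIND-nnn identifiers are all assumptions made for the example.

```python
"""Differential analysis of two external scan snapshots (added example)."""
from dataclasses import dataclass

# Constructed sample snapshots; IPs, banners and finding IDs are made up.
# Assumed layout: {"scanner_version": str, "hosts": {ip: {"services":
#   {"proto/port": {"banner": str, "vulns": set[str]}}}}}
PREVIOUS = {
    "scanner_version": "4.1",
    "hosts": {
        "192.0.2.10": {"services": {
            "tcp/22": {"banner": "OpenSSH 4.7", "vulns": {"FIND-001"}},
            "tcp/80": {"banner": "Apache 2.2.8", "vulns": set()},
        }},
        "192.0.2.11": {"services": {
            "tcp/25": {"banner": "Sendmail 8.14", "vulns": set()},
        }},
    },
}
CURRENT = {
    "scanner_version": "4.2",  # a new scanner release went in between the two runs
    "hosts": {
        "192.0.2.10": {"services": {
            "tcp/22": {"banner": "OpenSSH 5.1", "vulns": set()},
            "tcp/80": {"banner": "Apache 2.2.8", "vulns": {"FIND-002", "FIND-003"}},
            "tcp/443": {"banner": "Apache 2.2.8", "vulns": set()},
        }},
        "192.0.2.12": {"services": {
            "tcp/3389": {"banner": "Terminal Services", "vulns": set()},
        }},
    },
}

# Prima facie importance: what needs immediate attention sorts first.
PRIORITY = {"vuln_new": 0, "host_appeared": 1, "service_added": 1,
            "version_changed": 2, "host_gone": 3, "service_removed": 3, "vuln_gone": 4}


@dataclass(frozen=True)
class Change:
    kind: str
    host: str
    service: str = ""
    detail: str = ""
    note: str = ""  # attribution caveat; empty when none applies


def diff_snapshots(prev, cur):
    """Return every difference between two snapshots as Change records."""
    caveat = ""
    if prev["scanner_version"] != cur["scanner_version"]:
        # A hole is a hole, but it may only be newly *detectable*, not newly present.
        caveat = ("scanner %s -> %s: may be newly detectable rather than newly introduced"
                  % (prev["scanner_version"], cur["scanner_version"]))
    ph, ch = prev["hosts"], cur["hosts"]
    out = []
    for host in sorted(ph.keys() - ch.keys()):
        out.append(Change("host_gone", host))
    for host in sorted(ch.keys() - ph.keys()):
        out.append(Change("host_appeared", host, detail=", ".join(sorted(ch[host]["services"]))))
    for host in sorted(ph.keys() & ch.keys()):
        ps, cs = ph[host]["services"], ch[host]["services"]
        for svc in sorted(ps.keys() - cs.keys()):
            out.append(Change("service_removed", host, svc, ps[svc]["banner"]))
        for svc in sorted(cs.keys() - ps.keys()):
            out.append(Change("service_added", host, svc, cs[svc]["banner"]))
        for svc in sorted(ps.keys() & cs.keys()):
            if ps[svc]["banner"] != cs[svc]["banner"]:
                out.append(Change("version_changed", host, svc,
                                  f"{ps[svc]['banner']} -> {cs[svc]['banner']}", caveat))
            for v in sorted(ps[svc]["vulns"] - cs[svc]["vulns"]):
                out.append(Change("vuln_gone", host, svc, v))
            for v in sorted(cs[svc]["vulns"] - ps[svc]["vulns"]):
                out.append(Change("vuln_new", host, svc, v, caveat))
    return out


def consolidate(changes):
    """Collapse several new findings on one service into a single item: they
    usually share a root cause (one outdated build) and fixing it clears them all."""
    groups, out = {}, []
    for c in changes:
        if c.kind == "vuln_new":
            groups.setdefault((c.host, c.service), []).append(c)
        else:
            out.append(c)
    for (host, svc), grp in groups.items():
        if len(grp) == 1:
            out.append(grp[0])
        else:
            out.append(Change("vuln_new", host, svc,
                              "%d findings, probably one root cause: %s"
                              % (len(grp), ", ".join(c.detail for c in grp)), grp[0].note))
    return out


def render(changes):
    """Commentary lines, most urgent first; a peace-of-mind line when nothing changed."""
    if not changes:
        return ["No changes since the previous report."]
    lines = []
    for c in sorted(changes, key=lambda c: (PRIORITY[c.kind], c.host, c.service)):
        line = f"[{c.kind}] {c.host} {c.service} {c.detail}".rstrip()
        lines.append(line + (f"  ({c.note})" if c.note else ""))
    return lines


if __name__ == "__main__":
    print("\n".join(render(consolidate(diff_snapshots(PREVIOUS, CURRENT)))))
```

Run as a script it prints the commentary for the two constructed snapshots, with the two new findings on tcp/80 merged into one line carrying the scanner-version caveat and the disappeared host near the bottom. The false-positive elimination and the judgement about which consequential holes really share a cause remain manual steps; the diff only tells the analyst where to look.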
The report is provided as a formatted PDF document and is sent by e-mail to a designated client contact, normally within two working days of the Superwalk scan on which it is based. Note that we still issue a peace-of-mind report even if nothing has changed since the previous commentary.
Superwalk Plus is charged as a supplement to the basic Superwalk service. The price depends on the number of target IP addresses covered by the Superwalk scan on which the commentary is based and on the frequency of reporting. For example, IDsec can provide a weekly commentary on scans of up to 64 hosts for £6,750 per year, with a minimum contract of one year. Although we would never suggest that Superwalk is a complete replacement for manual penetration testing, we believe that it may be a better use of a restricted budget.
Our basic Superwalk service has been running since 2001 and has been used by a number of blue-chip companies, including a mobile phone company covering more than 1,000 external IP addresses. This additional commentary service was first offered in 2004 and has since been taken up by existing Superwalk customers.
Network Penetration Testing
External penetration testing puts us in much the same position as a potential intruder, trying to break into the Internet gateway and the systems behind it.
Web Application Testing
Classic penetration testing at the network level has its place, but many new attacks are aimed at interactive web applications. A thorough external test can minimise these risks.