Ethical Hacking:
System Hardening Assessment
BT System Hardening Assessment services can measure your network's security by analyzing possible configuration issues, running services, and vulnerabilities that reside on the system. A System Hardening Assessment focuses exclusively on the network environment. We understand the role of security controls in ensuring the integrity of information and computing resources. Effective implementation of these controls prevents unauthorized, accidental or deliberate disruption of information technology resources.
A System Hardening Assessment is completed in three phases. During the first phase, the BT ethical hacking team will review your network to find gaps in security updates and other common security defects. Then the team will scan remote access devices for vulnerabilities. Finally the team will exploit any weaknesses in the system to obtain access to the host system. BT tests for over 1,000 network-level vulnerabilities during the System Hardening Assessment.
Phase one of the assessment, Map and Identify Missing Security Updates and Common Configuration Vulnerabilities, is a straightforward review of your network's security. BT will examine your network and determine if there are any required security updates or configuration vulnerabilities.
During phase two, Scan Host Device for Vulnerabilities, BT checks the host operating system to determine what services are available to remote users and ascertain if those services are vulnerable to remote exploitation. BT will test all TCP/IP services including, FTP, Telnet, Sendmail, DNS, SMTP, SNMP, all 65,535 TCP Ports, and the most commonly used and exploited UDP ports. Additionally, the ethical hacking team will use packet fragmenting and loose-source routing to try to bypass filtering routers and firewalls.
The final phase of the engagement, Exploit Vulnerabilities, is the most complex. The BT ethical hacking team will use the information obtained during the first two phases to exploit vulnerabilities and weaknesses that were discovered to attempt access to the host system.
Before the project begins we will work with you to develop boundaries for actions and events that our team can perform during the vulnerability assessment. Any High-Risk vulnerabilities/risks identified during the assessment will be immediately communicated to you. After the testing has been completes, BT will provide your organization with a formal report that:
- Lists and prioritizes all identified weaknesses and vulnerabilities
- Explains the risks associate with the current network configuration
- Presents technical and procedural recommendations to increase the security infrastructure
|
privacy policy 
