The main purpose of a security audit is to discover weak points in the architecture of your IT infrastructure. Such weaknesses quite often remain undiscovered after a penetration test, as the main purpose of penetration test is to bypass existing security mechanisms, but not to check the entire architecture. Good examples of problematic areas include local antivirus policies, user privilege separation, backup storage and information encryption.
Our security audit includes assessments of:
Our comprehensive security audit will discover vulnerabilities and weaknesses in your infrastructure. Our documented results will identify the IT threats and risks, including business processes, for their reduction and elimination.
A security penetration test is a simulation of a hacker attack on a network, system, application or website, used to discover existing vulnerabilities and weaknesses before hackers find and exploit them. In other words a penetration test is an independent security evaluation of your IT infrastructure. This is sometimes called "ethical hacking".
Mighty Oaks' CISSP security experts use penetration testing methodologies and standards. Each vulnerability discovered during our penetration testing will be assessed, prioritized, and come with an appropriate recommendation on how to eliminate it.
Upon completion of our penetration testing, the client will be provided with two levels of reports, a summary report suitable for management that describes the work done and recommendations at a high-level, and a detailed report that details the performed work, the details of the identified vulnerabilities, and the proposed recommendations to improve security.