Frequently Asked Questions_

We compiled a list that is updated regularly with most popular questions we receive from our customers.

What are Managed Security Services?

Managed Security Services focus on preserving data and its adjacent IT infrastructure assets safe against the wide range of cybersecurity risks out there.

Security Management applies and verifies the controls that an organization should have in place to safeguard its assets against potential threats. It also helps potential stakeholders manage any risks that could arise.

The objective of proper security management is to examine the flow of IT systems. By performing vulnerability management and reviewing internal procedures, a professional and experienced security management audit service uncovers security flaws and identifies never-before-addressed risks that could affect your business if not properly classified and mitigated.

What are the differences between Managed Security Services and Penetration Testing?

Penetration Testing

Penetration Testing is the most efficient approach to evaluate how secure your IT infrastructure is. This is done by safely attempting to exploit system vulnerabilities, including OS, network, service and application flaws, improper configurations, and even risky end-user behavior.

Compared with a Vulnerability Assessment (which is part of any Penetration Test), this approach will remove any false-positive results and the mitigation process will be simplified from a technical perspective and from the resource point of view.

Security Management

Information Security Management focuses on preserving the integrity, accessibility, and confidentiality of your data and the IT infrastructure it flows through.

Security Management involves all the processes, workflows, and tools needed to make that happen.

Penetration Testing feeds your Security Management program with independently vetted security priorities you need to address and periodically checks for potential issues that could lead to compromise.

The two approaches are very different but extremely complementary, enhancing each other to improve the performance of your organizational security program.

Why should I contract Managed Security Services for my organization?

Working with an experienced Managed Security Service Provider provides many benefits, including:

Doing a thorough BIA (Business Impact Assessment) of your organization
Reviewing and improving your IT organizational structure, IT policies, procedures, and standards
Reviewing and improving your IT documentation to ensure compliance
Auditing your internal, external, and related non-automated security controls
Assessing your vulnerability and patch management processes
Identifying, classifying, and mitigating your IT risks.

My company was hacked. Can you help us remove backdoors and patch the breach?

Of course we can!

In incident response situations, our team of security engineers performs a series of tests to diagnose the problem.

You will receive a full report and solutions on how to remove any existing backdoors and also how to increase your security level to avoid facing similar problems in the future.

Don’t forget that you should consider contracting a penetration test at least once a year to avoid data breaches and other cyberattacks and their consequences.

What is security Penetration Testing?

A penetration test (or, shortly, pentest) entails deploying an attack on a computer system in a controlled environment with the sole intention of uncovering security weaknesses and exploiting them safely to potentially gaining access to the system, its functionality, and data.

The process involves identifying the target systems and the goal, then reviewing the accessible information and undertaking available means to attain the goal.

A penetration test target comes in various formats:

white box – where all background and system information is provided
black box – where only basic or no information is provided, except the company name
grey box – where white box & black box tests are conducted.

A penetration test can help determine whether a system is vulnerable to attack, if the defenses were sufficient, and which defenses (if any) were defeated in the penetration test.

Security issues uncovered through the penetration test are reported to the system’s owner.

Penetration test reports may also assess the potential impacts to the organization and suggest countermeasures to reduce risks.

Penetration tests are valuable for several reasons:

Determining the feasibility of a particular set of attack vectors
Identifying higher-risk vulnerabilities that result from a combination of lower-risk vulnerabilities exploited in a particular sequence
Identifying vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software
Assessing the magnitude of potential business and operational impacts of successful attacks
Testing the ability of network defenders to successfully detect and respond to the attacks
Providing evidence to support increased investments in security personnel and technology.

How are white box, black box, and grey box penetration testing methods different?

White Box Pentesting

Also known as glass box, structural, clear box and open box testing.

This is a testing technique whereby explicit knowledge of the internal workings of the item being tested is used to select the test data.

White Box Testing starts from a point of complete knowledge of the infrastructure to be tested, often including network diagrams, source code, and IP addressing information.

Black Box Pentesting

Black Box Security Testing has an unique approach and assumes no prior knowledge of the infrastructure to be tested.

Grey Box Pentesting

The Grey Box Testing is a blend of Black Box testing and White Box testing techniques.

This multifaceted test results in a comprehensive and highly focused test that cuts down on testing time-frame and budget.

Moreover, this approach helps our engineers to learn how your application works and test at both ends whether a suspicious vector of an attack is plausible or not, minimizing false positive results.

Why should I contract Penetration Testing for my company?

Security breaches and any related interruptions often result in direct financial losses, threaten organizations’ reputations, erode customer loyalty, attract negative press, and trigger significant fines and penalties.

A recent study conducted by EY (EY Global Information Security Survey 2018-2019) reported the average cost of a data breach for the affected company is now $3.62 million.

Organizations have traditionally sought to prevent breaches by installing and maintaining layers of defensive security mechanisms, including user access controls, cryptography, IPS, IDS and firewalls.

However, constantly adopting new technologies introduces a lot of complexity which makes it even more challenging for security engineers to react, protect, and eliminate high and critical vulnerabilities on a day-to-day basis.

Penetration testing evaluates your organization’s ability to protect its networks, applications, endpoints, and users from external or internal attempts to circumvent its security controls and gain unauthorized or privileged access to protected assets.

Test results validate the risk posed by specific security vulnerabilities or flawed processes, enabling IT management and security professionals to prioritize remediation efforts.

By embracing more frequent and comprehensive penetration testing, organizations like yours can anticipate emerging security risks more effectively and prevent unauthorized access to critical systems and valuable information.

We have a firewall in place that restricts access to our database and internal services. Do I still need Penetration Testing?

YES!

Having a firewall in place that restrict access to your database and/or internal services doesn’t guarantee your assets will be secured.

We usually consider any restriction integrated by a firewall to be a “Security by Obscurity” mechanism that doesn’t come close to a robust security mitigation approach.

Anyone who can use a USB drive in a local network, connect to Wifi in your building or access one of your online and public services could also escalate his privileges to gain access to sensitive data.

Is Penetration Testing safe? Can it disrupt my business in any way?

Our team has extensive experience in information security, particularly with Penetration Testing.

Over the last 10 years, we fine-tuned our approach to remove any situation that might make your companies assets unresponsive. Moreover, each time we have to test something that might affect your availability, you’ll be notified and we will act according to your needs.

How often should I perform Penetration Testing?

Penetration testing should be performed on a regular basis (at least once a year) to ensure more consistent IT and network security management by revealing how newly discovered threats (0-days, 1-days) or emerging vulnerabilities might be exploited by malicious hackers.

In addition to regularly scheduled analysis and assessments required by regulations such as GDPR, PCI-DSS tests should also be run whenever:

New network infrastructure or applications are added
Significant upgrades or modifications are applied to infrastructure or applications
New office locations are established
Security patches are applied
End user policies are modified.

What happens to all the confidential data gathered during Penetration Testing?

Our security testing team commits itself to absolute secrecy regarding your confidential data.

A non-disclosure agreement (NDA) that treats a client’s data as confidential is already part of every contract.

All customer data, including information that is used to prepare a first quotation, is subject to the same obligation to confidentiality.

At the end of a penetration test, all the data and possible storage media is either securely destroyed or handed back to the client.

How often should I evaluate the state of my organization’s security setup and workflows?

We recommend to get a full security assessment at least once every 6-12 months.

However, you should keep your policies and vulnerability assessments updated at least once a year or when your infrastructure is updated with new nodes, services or assets.