Get Adobe Flash player

Penetration Auditing

Innovative CSi's comprehensive Penetration Testing is performed by using an attacker-oriented approach, not your typical conventional or automated network vulnerability assessment.  The goal of the audit is to test your environment for the gaps in your security as well as how your procedures detect and responsed to ensure that security breaches are quickly identified, investigated and contained. Our team also performs a full vulnerability assessment of the operating systems, databases, network devices, and the resident within the network to effectively priortize in order to remediate and improve your overall posture.  


Innovative CSi can assist in reducing cost, time & effort required on your side as well as significantly enhances your ability to proactively manage your network security posture.  Our comprehensive methodology to perform the network assessment backed by our expertise in the area of data security and investigations.  The results provide a deeper analysis of the network and security vulnerablities along with the identifying, examining, and prioritizing the results of the tested systems.  We conduct vulnerability assessments that range from small businesses to large enterprises.  



Internal & External Network Security Testing Methodology: 

  • Zero-Knowledge Test (Black Box)-  this style of testing looks at the testing from outside of your network.  This testing simulates the same methods that an attacker would follow to exploit weakness in your network to penetrate the network.  This can expose critical areas of your systems that can compromise your business-data and expose data leakage.  The objective is to break into your system. 

  • Partial Knowledge Test (Gray Box) -  this style of tesing starts will some knowledge of the systems that the team will be focusing on for the attack.  This testing is a blended approach to the Black and White Box testing environment with knowledge in areas around your network topology, policies and procedures, and other valuable information.  

  • Full Knowledge Test (White Box) - methodology where there is full knowledge of the system being attacked. The goal of a white-box penetration test is to simulate a malicious insider who has some knowledge and possibly basic credentials to the target system. 


  ....more on Web Apps 


Network Evaluation Health Check Cloud Security Health Check
 Database Security Health Check
 Compliance & Internal Health Check
  • Port Scanning 
  • Enumeration & Banner Grabbing 
  • Wireless Enumeration 
  • Vulnerability Scanning 
  • Host Evaluation 
  • Network device analysis 
  • Password compliance 
  • Network sniffing 
  • Infrastructure Firewall/VPN/SSL-VPN 
  • Mobile Security 
  • Social Engineering 
  • VoIP Security 
  • Wireless Security Virtualization
  • Web Assessment 
  • Web Threat Modeling / Design and Architecture Review 
  • Web SDLC 
  • Source Code Security Assessment 
  • Web Services Security Assessment
  • Application Assessment 
  • Application Threat Modeling / Design and Architecture Review 
  • Application SDLC Source Code 
  • Security Assessment
  • HIPAA 
  • PCI-DSS 
  • RED FLAG FFIEC FISMA 
  • ISO 27001 
  • SOX - IT 
  • PRIVACY 

Designed by Innovative Corporate Solutions, Inc. (c) 2011 All rights reserved.