Contact Global Locations
Scoping & Documentation ASV Scanning Contract & Liability Review PCI DSS Gap Analysis Risk Assessment Security Testing Compensating Controls Blackfoot Prioritized Approach Annual Data Security Assessment Payment Processing & Outsourcing
Virtual Security Officer (VSO) Incident Response ISO 27001 Document & Policy Creation Security Awareness Risk Assessment
Infrastructure Security Assessment Web Application Assessment Physical Security Assessment Secure Code Review Data Discovery Wireless Security Assessment Vulnerability Management
Blackfoot Blackbox SME Virtual Security Officer (VSO) Firewall Management Audit Log Management Intrusion Prevention/Detection
PCI DSS Training PA DSS Training Secure Software Development Security Awareness

Infrastructure Security Assessment



Penetration testing is a term that conjures up a lot of confusion in the IT Security Industry, especially when reviewing specific requirements for compliance such as those stipulated in the PCI DSS Standard. Officially, Penetration testing is the process of probing and identifying security vulnerabilities in a network and the extent to which they might be exploited by outside parties. What is required to achieve compliance with a specific standard however, may be more or less extensive that scanning IP addresses for vulnerabilities.

Blackfoot offers different types of Network Penetration Testing, ranging from scanning of publicly routable IP addresses, identifying known vulnerabilities and exploiting these, right through to attempting physical access to buildings and customer offices/premises and "social engineering".

Our techniques vary depending on each clients requirements but include Vulnerability Scanning, Fingerprinting, privilege escalation and post-exploitation phases such as leveraging built-in Unix, Linux, and Windows tools such as /dev/top, telnet clients, and ftp to launch port scans, create backdoor shells, and move files, escalate privileges.