Call a Specialist Today! 844-356-5142

Kaspersky Penetration Testing
Practical demonstration of potential attack vectors that could bypass your security controls


Kaspersky Penetration Testing

Kaspersky Penetration Testing

Get a Quote!

Get a Quote



Overview

Ensuring that your IT infrastructure is fully secured against potential cyberattack is an ongoing challenge for any organization, but even more so for large enterprises with perhaps thousands of employees, hundreds of information systems, and multiple locations worldwide.

Penetration testing is a practical demonstration of possible attack scenarios where a malicious actor may attempt to bypass security controls in your corporate network to obtain high privileges in important systems. Kaspersky’s Penetration Testing gives you a greater understanding of security flaws in your infrastructure, revealing vulnerabilities, analyzing the possible consequences of different forms of attack, evaluating the effectiveness of your current security measures and suggesting remedial actions and improvements.

This service provides you with information on the existing vulnerabilities, consequences of their exploitation, evaluates the effectiveness of implemented security measures, and enables you to plan further actions to fix detected flaws and improve security. You may also need a penetration testing service if your organization needs to comply with certain security standards that require regular security assessments, such as PCI DSS.


Service Scope and Options

Depending on your needs and your IT infrastructure, you may choose to employ any or all of these Services:


External penetration testing

A security assessment carried out from outside the company's environment without any preliminary knowledge of your systems.


Internal penetration testing

A security assessment that simulates an internal attacker, for instance a visitor with only physical access to your office, or a contractor with limited access to certain systems.

Social engineering testing

An assessment of your staff’s security awareness that emulates social engineering attacks like phishing, pseudo-malicious links in emails, suspicious attachments, etc.


Wireless networks security assessment

Kaspersky experts will visit your site and analyze Wi-Fi security controls.





You can include any part of your IT infrastructure into the scope of penetration testing, but we strongly recommend you consider the whole network or its largest segments, as test results are always more worthwhile when our experts are working under the same conditions as a potential intruder.


Penetration Testing Services

Penetration Testing from Kaspersky helps you and your organization to:

  • Identify the weakest points in your network, so you can make fully informed decisions about where best to focus your attention and budget in order to mitigate future risk.
  • Avoid financial, operational and reputational losses caused by cyber-attacks by preventing these attacks from ever happening through proactively detecting and fixing vulnerabilities.
  • Comply with government, industry or internal corporate standards that require this form of security assessment (for example Payment Card Industry Data Security Standard (PCI DSS)).

About kaspersky’s Approach to Penetration Testing

While penetration testing emulates genuine hacker attacks, these tests are tightly controlled; performed by Kaspersky security experts with full regard to your systems’ confidentiality, integrity and availability, and in strict adherence to international standards and best practices including:

  • Penetration Testing Execution Standard (PTES)
  • NIST Special Publications 800-115 Technical Guide to Information Security Testing and Assessment
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • Information Systems Security Assessment Framework (ISSAF)
  • Web Application Security Consortium (WASC) Threat Classification
  • Open Web Application Security Project (OWASP) Testing Guide
  • Common Vulnerability Scoring System (CVSS)

Project team members are experienced professionals with a deep, current practical knowledge of this field, acknowledged as security advisors by industry leaders including Oracle, Google, Apple, Microsoft, Facebook, PayPal, Siemens and SAP.


Delivery Options

Depending on the type of security assessment service, your systems specifics and working practices, security assessment services can be provided remotely or onsite. Most services can be performed remotely, and internal penetration testing can even be performed through VPN access, while some services (like wireless networks security assessment) require an onsite presence.


Pricing Notes: