PenTest Services by Dragon Labs
Dragon Labs is an enterprise group of highly motivated and skilled hackers trying to access your organization's sensitive data. Each test made by a professional security analyst attempting to break thru weaknesses to find out exactly how to compromise your infrastructure.
Penetration tests mainly identify critical attack paths existing in your infrastructure to provide an expert report and advice to fix possible threats and holes. Dragon Labs has offices in Europe, Middle-East, Asia and North America.
- ISO 27001
The ISO 27001 standard helps companies to manage the business, and IT risks they face, assure business continuity and to protect reputation. ISO standard increases employee security awareness and as a result improves the company's security posture.
- PCI DSS
The PCI DSS (Date Security Standard) provides a framework for a secure and safe payment card process. It includes detection, prevention, and right reaction to any security incidents. Failing the standard raise problems and can suspend option to process card payments.
- NERC CIP
Improving the digital (cyber) security position of power systems by fitting a set of standards approved by NERC (North American Electric Reliability Corporation). Examples of standards:
- Electronic Security Perimeter(s) (CIP-005-1).
- Recovery Plans for Critical Cyber Assets (CIP-009-1).
- Critical Cyber Asset Identification (CIP-002-1).
Key NIST (National Institute of Standards and Technology) publications helps Dragon Labs customers become safer and protected. Examples:
- Guide to SSL VPNs (SP 800-113).
- Guidelines for Securing Wireless Local Area Networks (SP 800-153).
- Guidelines for the Secure Deployment of IPv6 (SP 800-119).
"Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity." - that is what accepted by HIPAA audit protocol states.
- 1st Service - Threat Risk Modeling
- 2nd Service - Penetration Tests
- 3rd Service - DoS/DDoS Attack Tests
- 4th Service - Managed Services
- Vulnerability Assssment
To increase security and protection level of your system and network you should start with vulnerability assessment. You can use automated systems like Comodo HackerGuardin or Web Inspector to scan your network and system, but that has less professional results as manual checks by a highly skilled staff of Dragon Labs.
- DOS/DDOS Tests
Denial of Service (DoS) and Distributed Denial of Services (DDoS) is a modern way to attack and damage online services and websites. It used by competitors and criminals to disrupt service and cause reputation and revenue loss. Dragon Labs has considerable experience helping to survice during DoS/DDoS attacks with minimal loss.
- Social Engineering Test
Reaction brings contr-reaction; Recent security improvements making attackers life harder and as a result increasing using social engineering by attackers. Dragon Labs trains staff to prepare for advanced attacks using social engineering.
- Threat Risk Modeling
It is important to priorize and systemize all possible risks to understand how you need to secure your system and infrastructure. Protect is a way more complicated than attack since you need also think from attackers point-of-view. Dragon Labs has significant experience in reliable protection of their customers.
The strong basement of organization's security bases on SIEM (Security Information and Event Management to discover what is going on inside and around your perimeter. Penetration tests by Comodo Dragon Labs improve the efficiency of your SIEM solutions to get a greater view on your perimeter.
- Incident Response Services
Incidents damaging your infrastructure or system via security breaches is an experience and may highlight important places that should be improved. Filter malicious network traffic, rebuild and repair system and create new strategies based on intruder's penetration activity.
- Security Configuration Management
Dragon Labs security analytics will check every single component of security management, including IPS, vulnerability management processes, firewalls and everything related to that.