LRS IT Solutions focuses on a pair of important services vital to the security of your IT infrastructure: Vulnerability Assessment and Penetration Testing.
Vulnerability Assessments can help you identify and prioritize security risks in your environment by finding and quantifying security vulnerabilities. A Vulnerability Assessment is an in-depth evaluation of your information security posture, indicating weaknesses as well as providing the appropriate mitigation procedures required to either eliminate those weaknesses or reduce them to an acceptable level of risk.
Our security team will look at both internal and external systems and utilize a mix of automated and manual scanning to help determine where vulnerabilities exist as well as assist your team in prioritizing and planning to correct these issues.
LRS uses the Penetration Testing Execution Standard (PTES) as a framework for running internal and external penetration tests. This allows us to ensure our customers are getting a well planned test allowing the testers to achieve the best results possible. During our testing, we employ many industry standard tools, both commercial off the shelf and open source.
Along with a penetration test, we can offer additional assessments that are very targeted towards real life attacker methodology. While each of these steps is also performed during a penetration test, each can be done separately to get a very focused look at your organization’s controls and technologies.
Internal Pivot Testing
This takes the stance that a system has been compromised and is aimed at determining how far an attacker can get inside the environment once a system is compromised.
Data Exfiltration Assessment
This is focused on determining how an attacker can move both data and command and control (C2) communications outside of the environment.
How many of your employees will click on a random link they see in email? We can help you quantify that issue.
Recon and Intelligence Gathering
This is used to determine just how much information can be found about your organization. Attackers will use this information to figure out how to attack your organization without being noticed.