Regulatory Compliance Services
Penetration Testing Services
Penetration Testing tools from CSI help you prevent cyber security vulnerabilities through ethical hacking.
Often known as “security testing” or “pen testing,” penetration testing actually attacks your own IT system, searching for holes in your security.
Regular and professional testing of your network’s ability to withstand attacks is crucial to your Information Security program. In fact, your financial institution is expected to perform internal penetration testing and external penetration testing of your networks at least once per year in order to meet Gramm-Leach-Bliley Act (GLBA) compliance.
External Network Penetration Testing
CSI provides superior external penetration testing performed by our OSCP-, GIAC- and CISSP-certified consultants, who adopt a real-world attacker’s methodology of reconnaissance, scanning and exploitation through hacking testing.
Our external pen testing services include:
- Gathering of public information that could be used to penetrate your network
- Manual interaction using tools customized for the services or applications discovered
- Vulnerability scanning to identify weaknesses
- Vulnerability assessment to verify the results and determine potential impact
- Conducting safe “exploit” attempts using the information uncovered
- Testing of such Internet devices as firewalls, perimeter routers, Web servers, mail services, etc.
- Thorough post-test reporting
Internal Penetration Testing
Information Security program guidelines instruct financial institutions to conduct annual internal network and application-layer penetration testing to ensure the security of customer or member information and assets.
With financial industry penetration testing, CSI will:
- Help your staff identify potential targets and attempt to gain access
- Attempt to exploit vulnerabilities without the interruption of services
- Identify vulnerabilities through hands-on, manual testing and research
- Identify issues and situations that a basic scan would not detect
- Consult with management to develop a list of observations and recommendations
- Provide thorough documentation
- Offer an optional addition of Wireless Network Audit
- Offer an optional remote version of our pen test
Wireless Penetration Testing
As an additional option, CSI’s Wireless Network Audit performs limited social engineering testing to entice users to connect to unauthorized access points. This wireless penetration testing will survey the encryption and authentication methods in use on your wireless networks.
Learn More about Bank Penetration Testing
Don’t wait until your business suffers a security breach. Contact CSI today to learn more about financial penetration testing. Just complete an online contact form, and we’ll reach out to you.