Penetration Testing

BSC Penetration Testing

The BSC Penetration Test is affordable for small and medium-sized businesses.

If you have 20 external IP addresses or less, BSC will provide a formal penetration test and detailed report for $5,000 or less. The goal of the penetration test is to determine if a remote attacker can access sensitive information. BSC will provide an inventory of vulnerabilities discovered that could be exploited on externally-facing systems.

The BSC Penetration Test includes multiple tactics:

External system scanning,
Social media reviews,
Google Hacking
Risk reviews.

Scanning Social Media Reviews Google Hacking Risk Reviews

Scanning

Our external scanning approach uses comparison scans performed against the networks with and without a whitelist in place to evaluate the efficacy of existing security controls. This assesses the strength of the boundary but also provides a listing of vulnerabilities for all accessible IP addresses. Scans include network scans of all external IPs and deep application scanning of the website. All vulnerabilities will be categorized as critical to low and provided in a formal risk matrix as part of the report.

Social Media Reviews

In this part of the assessment, BSC reviews related social media and other sources to determine what sensitive information can be uncovered about the client infrastructure. By reviewing key employee profiles, we can determine if too much sensitive corporate infrastructure information is provided. We also review the corporate website for any content vulnerabilities and identify privileged and senior staff that are more subject to spear phishing.

Google Hacking

Risk Reviews

BSC Provides:

A Detailed Rules of Engagement – BSC requires a ROE to ensure client visibility into all pen test activities and that scans are performed at a coordinated time (most convenient time for the client), and there are no surprises.

Competitive Pricing – We believe that we provide penetration testing that is affordable for businesses of all sizes.

Comprehensive Reports – Our formal pen test reports are comprehensive yet readable products that include all of the relevant detail needed to remediate any findings. They include the results of each of the reviews performed, a listing of vulnerabilities and risks detected and recommended mitigations. Also, sensitive data can be easily redacted, if necessary, to allow easy sharing with clients.

Free Rescan – Is the problem resolved? Once issues are mitigated, you don’t have to wait until the next penetration test, as our service includes a rescan at your request free of charge.

Senior Certified Experts – All of our technical staff hold certifications that ensure you get a seasoned security engineer with the experience and certifications required to meet your security needs. We do not delegate scanning tasks to junior staff or new hires who don’t have the experience to see vulnerability risk trends and information beyond what is included in the scan reports.

Why BSC Systems?

Penetration Testing

BSC Penetration Testing

BSC Provides:

Free Consultation

Remember, there is no charge for the initial phone consultation!

Our Mission

BSC Blog