Spector Security offers their security assessments at different levels of intensity:
- Vulnerability Scan
- Penetration Testing
- Red Teaming
With different levels of assessments, clients can be offered modularity in their services and pricing. In this way, customers will have any assessment suit their budget.
All testing is to be conducted with the utmost care that none of these tests will disrupt the actual everyday business of the target location.
Vulnerability Scan
This is Spector Security’s entry level assessment. For cyber security, it entails a full automated scan of a web application and/or target network, utilizing the most modern and comprehensive software available on the market. This information is the base line for further testing and provides usable metrics at a lower price than more involved testing. In the case of physical assessments, a vulnerability scan will consist of a walk-through of all target premises to include the manual testing (when necessary) and reporting of all vulnerabilities found. All scans are conducted as a “white box” assessment, meaning that all necessary information of a client’s systems will be provided to reduce the amount of research (time/cost) that is performed by Spector Security professionals. In addition, physical security tests will be done in plain view (as opposed to a red team exercise).
Penetration Test
This test will expand upon the vulnerability scan (which is included for this assessment) by performing extensive manual testing of both the results of the automated tests, as well as independently researched security vulnerabilities. This test is delivered with full knowledge of the target systems within the scope of the engagement (white box test). This is the first level of testing where actual attempts to penetrate a system will occur and then expand upon that initial foothold to gain access to as many systems as possible within the agreed upon scope of the engagement.
Red Team Exercise
Red Team Penetration Testing is a comprehensive testing process, as it involves a great deal of research, planning and man-hours to successfully infiltrate past a target’s security. Red Team Penetration Testing is conducted with a limited amount of prior knowledge being given to the Spector Security professionals (black box testing, only the scope of the engagement and testing parameters are defined). Actual entry into a secure network and/or premise will be attempted without the knowledge of an attack being known by employees of the target location (this is at the discretion of upper management and is agreed upon prior to the engagement being carried out).