Penetration Tests

Where the network provides an Internet connection, a penetration test from the Internet will illustrate if any weaknesses or vulnerabilities are visible to potential hackers. Using the results of the test combined with our experience and knowledge we are able to assist customers in making their Internet connection as secure as possible.

We also provide an Internet “footprint and tracking” report that details what the Internet knows about your organisation. After discussing our findings with our clients we can make recommendations to eliminate or mitigate any perceived risks.

Applications, particularly Web based applications, have been the best way to hack, penetrate, subvert, defraud, embarrass or damage an organisation for some years. This is why the single most useful tool that a hacker uses is the simple web browser.

Web applications want you to come in – they want you to interact. They access bank accounts, bill payments, even government services. Supportspread’s consultants were pioneers in developing hands-on testing of web applications, looking for the ways and means of breaking out from within the application to subvert and destroy controls.

Our work has enabled agencies and companies worldwide to safely present high value web applications on the Internet.

Security Team Assessments

One critical element, which is often overlooked, is the composition and performance of the security team. Does it have the required skill sets? Does it fully engage with other elements of the organisation? Does it follow industry best practice guidelines?

The Supportspread Security Team Assessment analyses the customer’s security team and reviews them against the requirements of the organisation. The Supportspread consultant assesses their current composition and performance. Using information from the customer it is possible to predict what the future requirements are likely to be and what changes will be required to meet them.

Incident Response Management

When dealing with a security incident the main requirement with many customers is to recover from the situation as quickly as possible. During the recovery effort it is likely that any evidence will be lost as this is not the main priority. Unfortunately this makes it difficult to understand how the incident occurred and what is required to avoid future occurrences.

The Supportspread consultants have a wide range of experience in dealing with security incidents. This allows them to prioritise activities to recover the service while preserving information that can be used to gain lessons from the incident. After successfully recovering from a security incident Supportspread consultants will analyse the incident and the recovery process. This is likely to lead to improvements in the customer’s organisation ability to avoid such incidents while improving their response should one occur.