Home >> Solutions >> Vulnerability Assessment and Penetration Test
Vulnerability Assessment and Penetration Test

Global Security Network provides Vulnerability Assessment and Penetration Test services for organizations either as independent services or as part of comprehensive Risk Management services.

Difference between Vulnerability Assessment and Penetration Test

Although Vulnerability Assessment is the first step for Penetration Testing wherein it identifies vulnerabilities associated with a network/system, Penetration Testing actually goes one step further by trying to exploit these vulnerabilities to actually penetrate the defenses and compromise the system.

The GSN Expertise

Global Security Network conducts vulnerability assessments and penetration tests that draw upon the knowledge and experience of our elite security experts who have acquired their unique skills through consulting for Security Agencies and R&D for private security firms.
GSN's security testing methodology is based on the Open Source Security Testing Methodology Manual (OSSTMM) standards, which ensures reliable and accurate results. OSSTMM is a peer-reviewed methodology for performing security tests and metrics.

OSSTMM

The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases.

Vulnerability Assessment

Global Security Network provides two types of Vulnerability Assessment Services:

  1. External Vulnerability Assessment (From outside looking in)
  2. Internal Vulnerability Assessment (From inside looking around)

Vulnerability Assessments are done with Zero knowledge or Full knowledge of the organizations network, with or without any access granted to the internal network thus simulating all the spectrum of attackers from the external hacker to the disgruntled employee.

Penetration Testing

Global Security Network provides two types of Penetration Testing Services:

  1. External Penetration Testing (From outside looking in)
  2. Internal Penetration Testing (From inside looking around)

Penetration Testing requires a Vulnerability Assessment to be done first and then actively exploits the identified vulnerabilities in the network thus simulating a potential attack by a malicious hacker from outside or inside the organization.