Day Zero Security provides vulnerability and penetration test services to allow clients to secure internal and external systems to connections to un-trusted networks as well as satisfy audit requirements to show due diligence.

As QualysGuard Certified Specialists, this commercial tool also provides the most up to date vulnerability information and remediation advice during White Box testing phases.

Using OSSTMM methodology (Open Source Security Testing Methodology Manual), exacting requirement for audit and testing are obtained prior to a scope of work document being produced to ensure that only the specific security checks that you require are paid for.

Testing is a combination of automated tools and manual checks to ensure thoroughness.

Scope for vulnerability scanning may include:

 - Network surveying and objective network diagram
 - Port scanning of all TCP/UDP ports
 - System identification
 - Service identification
 - Vulnerability research and remediation

Penetration testing will include the tests in scope above but may also include:

 - Internet-Application testing
 - Router testing
 - Firewall testing
 - Password cracking
 - Containment Measures testing
 - Document grinding
 - Competitive Intelligence Scouting

Additional tests such as DOS testing, IDS testing and wireless testing may also be carried out dependant on requirement.

Tests may be as invasive or non-invasive as the client requires and may be remote, local, blind or target known.

Reports will be prepared and presented to include:

 - Excecutive Summary
 - Findings and analysis
 - Potential security holes and vulnerabilities broken down into priority levels
 - Recommendations and improvements to overall security
 - Assumptions made during the course of the audit
 - Appendix of material acquired over the course of the Audit

Contact Day Zero to discuss the scope and requirement of your project and allow us to prepare a scope of work document for you.

services@dayzerosecurity.com or call 01782 720229.