Latest Blog Post

read more

News and Events

August 2-5, 2014 - "Network Forensics: Black Hat Release" at Black Hat USA in Las Vegas, NV (Sherri Davidoff and Jonathan Ham) Space is limited, so register today!
 
August 7-10, 2014 - Join us at DEF CON 22 and play our annual Network Forensics Puzzle Contest.
 
LinkedIn Reddit Delicious Technorati Twitter Digg Stumbleupon

 
Join our Email Newsletter

 
Class and Book

Want "Network Forensics" (the class) taught privately at your facilities? Request an Onsite

Order Network Forensics: Tracking Hackers Through Cyberspace!

read more
 
Need Expert Consulting?

Request a Quote

Email Us an RFP



Vulnerability Assessment
 

Identify your vulnerabilities--- before attackers do. Conduct a comprehensive examination of your systems, and receive a prioritized, detailed list of vulnerabilities and recommendations.

LMG's vulnerability assessment services include:

At LMG, we use a combination of detailed manual testing, in addition to automated scanners and specialized tools, to ensure that we comprehensively identify issues. Often, we find security holes that automated scanners -- and other security companies -- do not. Our testers are trained to think outside the box (just like hackers) and stay up to date on the latest vulnerabilties. You receive a report with detailed results, risk ratings, as well as descriptions of impact and prioritized recommendations.

 
Service Description Details
External Vulnerability Assessment

Test the security of your Internet-facing servers.

LMG's team of GIAC-certified testers examines your Internet-facing servers for security flaws. Testing begins with automated service enumeration and software fingerprinting. Next, LMG uses automated vulnerability assessment tools to identify known vulnerabilities in your servers. Our professional vulnerability scanning tools are always kept up-to-date and check for tens of thousands of known vulnerabilities.

Subsequently, LMG's experienced and creative consultants manually examine your systems for security issues, logic flaws, authentication bypass issues, and other vulnerabilities. In this manner, we identify issues that automated scanners do not detect---but hackers can.

Many vulnerability scanners produce "false positives" due to incorrect service banners or other errors. LMG manually checks high-risk issues to reproduce the vulnerability whenever possible and weed out false positives.

Finally, our consultants evaluate the results of automated scanners and manual assessment and provide you with an analysis of the root causes. This provides you with the greatest value from your investment.

Internal Vulnerability Assessment

Check the security of your internal network.

Comprehensively test your internal systems for vulnerabilities, in order to prevent worm outbreaks, foil insider attacks, and ensure compliance with regulations.

LMG's testers arrive onsite at your facilities and attach to the network at the location of your choice. From the inside, LMG conducts comprehensive port scanning and service fingerprinting, and identifies known vulnerabilities in your internal systems. This includes a detailed manual examination of your internal network. LMG weeds out false positives so that you can remediate issues more efficiently. You receive a detailed report with prioritized recommendations. You can use your report as a roadmap for improving your security posture.

Routine examinations (ie. quarterly, semi-annual or custom intervals)

Conduct routine vulnerability assessments and catch security issues quickly.

LMG routinely checks your systems for new vulnerabilities that have emerged since the last vulnerability test, and provides recommendations for remediation. This is an excellent way to ensure that security issues are identified and remediated in a timely manner. You may choose quarterly, monthly, or custom time intervals.

As part of the routine check, LMG conducts a port scan and vulnerability scan of external systems using automated tools, and compares the results with previous assessments. New high-risk issues are manually verified. LMG provides a report summarizing changes in security posture since the last check, as well as the scanner results and prioritized recommendations.