Infrastructure Testing

We remotely test your target network in accordance with the Open Source Security Testing Methodology Manual (OSSTMM).
This process includes:

  • Network discovery
  • Service Identification
  • User Enumeration
  • Internet profiling
  • Web scanners
  • Network device test
Find out More about Infrastructure Testing

Infrastructure Testing

Red-Team will scan your network for vulnerabilities to ensure you are aware of any weaknesses or open ports that exist. We provide you with a full picture of your systems' security status on a regular basis from the view point of an external hacker on the internet.

This testing is recommended for companies who have any public facing systems connected to the internet including a secure VPN. This fully managed service needs no intervention from you. The process is simple - you provide us with the IP addresses of the hosts to be scanned and choose the frequency of your scan (daily, weekly, monthly, quarterly or annually). We will run the tests and provide a full 'easy to understand' test results matrix that will include any issues found and the recommended remedial action.

  • Network discovery - UDP/TCP Port Scanning
  • Service Identification - Banner Grabbing
  • User Enumeration - dependent on what services are offered
  • Internet profiling - vulnerability testing of all Internet devices
  • Web scanners -HTTP vulnerability scanners
  • Network device test - servers, firewalls, routers

Web Application Testing

Our web application security testing includes
the top threats identified by the Open Web Application Security Project (OWASP):

  • SQL Injection
  • Cross Site Scripting (XSS)
  • Broken Authentication & Session Management
  • Cross Site Request Forgery (CSRF)
  • Insecure Direct Object References
  • Security Misconfiguration
  • Unvalidated Redirects & Forwards
Find out More about Web Application Testing

Web Application Testing

The Red-Team ethical hackers utilize a combination of automated and manual tests using the latest tools and techniques to ensure excellent coverage. Our aim is to identify all potential vulnerabilities during assessments; this includes the top ten threats identified by the Open Web Application Security Project (OWASP):

  • Cross site scripting (XSS)
  • Injection flaws
  • Malicious file execution
  • Insecure direct object reference
  • Cross site request forgery (CSRF)
  • Information leakage and improper error handling
  • Broken authentication and session management
  • Insecure cryptographic storage
  • Insecure communications
  • Failure to restrict URL access

All issues found during a web application assessment are documented in a comprehensive, easy to understand security test report. Each documented issue includes business risk and technical impact, examples of attack vector, screen shots and remedial action required. We also provide a free post test support service to ensure all issues are clearly understood and answer any questions that may arise

Compliance Testing

Our PCI DSS Compliance testing helps your business to:

  • Build and Maintain a Secure Network
  • Protect Cardholder Data
  • Maintain a Vulnerability Management
    Program
  • Implement Strong Access Control
    Measures
  • Regularly Monitor & Test Networks
  • Maintain an Information Security Policy
Find out More about Compliance Testing

Compliance Testing

If your organisation stores, processes or transmits credit or debit card payments then you will need to comply with the Payment Card Industry (PCI) Data Security Standards (DSS). These new regulations issued by the major credit card companies such as Visa and MasterCard will need to be adhered to if you want to continue taking credit and debit card payments.

Red-Team can help with all aspects of PCI DSS, including penetration testing, vulnerability assessment and compliance auditing services (Requirement 6).

The PCI Data Security Standard consists of twelve basic requirements and corresponding sub-requirements and you will need to make sure that your IT systems, applications and databases are PCI compliant to protect card holder information.

About Red Team

Red-Team Security is a privately owned UK Company. We are the leading provider of ethical security testing services and are proud to have a team of highly skilled, experienced and qualified professionals. Each Red-Team member holds certifications across leading security disciplines and has extensive knowledge of current security standards, best practices and government regulations.

 

Read more >>

Industry news


Warning: MagpieRSS: Failed to parse RSS file. (Invalid character at line 7, column 143) in /home/r/e/redteam/public_html/magpierss/rss_fetch.inc on line 238

Warning: array_slice() [function.array-slice]: The first argument should be an array in /home/r/e/redteam/public_html/includes/rss.php on line 5
  • No items

Latest news from Red Team

  • Red-Team Security are currently looking for a Business Development Manager with a proven track record of selling IT Services/Solutions to major clients in the UK. The candidate will have a background in IT sales (Consulting, hardware or software). See the Careers section for more information.

 

 

Read more >>