Way-Assoc-1252x626.png

Vulnerability Assessment, Penetration Testing and red team assessment

Any device with access to the Internet, be it a web portal, firewall or border router, is a potential open door to would-be attackers.  Digital Ramparts Information Security provides vulnerability assessments during which it closely maps the network architecture, examines open ports, hosts and services with access, and ensures that these network devices are secure.

Digital Ramparts Information Security gathers information such as domain names, IP network ranges, operating system and applications, to identify systems on the network, how they are related, the services that are exposed through open ports (such as http, SMTP, terminal services, etc.). Once open ports and attached services are identified, Digital Ramparts Information Security determines whether each service has been updated with the most recent patches and identifies other vulnerabilities located within the exposed services.

In addition to conducting vulnerability assessments, Digital Ramparts Information Security performs more rigorous penetration tests in which the information gathered from its assessment is used to attempt to penetrate the network. This more thorough procedure can confirm whether potential vulnerabilities are, in fact, capable of being exploited to expose the network.

  • Client lists, credit card records, and other confidential information held in databases must be given particular protection from unauthorized disclosure. Digital Ramparts Information Security tests data integrity to determine whether any vulnerability may compromise this sensitive information.

  • Social engineering involves manipulating and/or deceiving company employees and other human resources to gain unauthorized access to a network or to confidential information. Once weaknesses are identified, Digital Ramparts Information Security recommends procedures designed to ensure that employees do not divulge information that could compromise company assets. The social engineering assessment not only uses tactics intended to gain confidential information, but also to induce unsuspecting employees to create vulnerabilities that can subsequently be exploited to gain access to confidential information.

  • Depending on the clients needs, Client-Side testing can be performed by Digital Ramparts Information Security under varying degrees of disclosure of network information from the client, for example with or without network accounts.

  • Web Service assessment examines what services are being offered on Web-based portals and e-commerce applications to examine potential vulnerabilities with respect to authentication, authorization, data integrity, data confidentiality, and consumer privacy concerns. Digital Ramparts Information Security can test these applications using either zero-knowledge testing or full-access testing to examine the full range of potential vulnerabilities. Digital Ramparts Information Security also conducts source code audits to identify any potential vulnerability among the applications and scripts that are accessible through the web.

  • Wireless networks, while highly convenient, present an additional security threat since the wireless signals are not limited by the physical boundaries of a traditional network. Digital Ramparts Information Security evaluates how to prevent wireless communications from being exposed to eavesdropping and access by unauthorized intruders. Additionally, Digital Ramparts Information Security examines the enterprise infrastructure for unencrypted or standard encrypted enabled access points that may be vulnerable in order to ensure the security of the network.

  • Acquiring confidential information can often be obtained by simply gaining physical access to company location. Digital Ramparts Information Security conducts on-site surveillance to assess physical security and uses social engineering, pass key duplication, and other techniques designed to gain physical entry into secure areas and the network system.


Following all vulnerability assessments and penetration tests, Digital Ramparts Information Security uses the information it gathers to prepare a thorough vulnerability analysis and offers recommendations for strengthening network security.