How the Reef Cyber Security Penetration Test works:
Step 1: You click on an executable (simulating what happens when a link in an email is clicked).
Step 2: Let the executable run once. This takes between 5 minutes and an hour (up to 2.5 hours on older machines). Go about your normal routine as it runs.
Step 3: We will analyze your results and present our findings as to what a hacker would find on your network. This will include cloud drives, One Drive, DropBox, Box, SharePoint and other file-sharing programs.
These findings include:
Security Patches & Vulnerability Management: Discover whether your network has vulnerabilities resulting from patch management issues.
Your Network’s Perimeter Defense: Using multilayered boundaries, including a firewall, intrusion prevention and intrusion detection are more critical today than ever before. Our scanner will test whether your firewalls are configured correctly and whether they appropriately alarm.
Identity & Access Management: Learn if your team is using stale, repeated or crack-able passwords for accounts on your network. We’ll help you institute security best practices for handling passwords and credentials, such as the usage of multi-factor authentication for remote access, critical accounts and administrative accounts, enforcement of a strong password policy, absence of default and/or shared accounts and more.
Identify Serious Data Leaks: Locate where sensitive data is stored on your network and make sure it’s being guarded. Hackers commonly exploit both your network and data assets when attacking your network.
Measure Your Malware Defenses: Determine if you have an appropriate cyber stack that will respond to a simulated virus attack. Deployment of a solution which controls the installation, spread, and execution of malicious code at multiple points is critical.
Information To Inform Your Cybersecurity Decision Making: Gauge where your cybersecurity REALLY is today. Learn whether data encryption is functioning properly, what information about what a hacker can see around an infected device, and whether your network would withstand an attack (even on one machine!).