Use Our Offense to Inform Your Defense

Internal network security assessments help an organization gain a clear understanding of the risks facing their information assets from an insider's perspective – a measure of the exposure resulting from the trust placed in employees, contractors, and visitors.

Whether a high-level overview or a thorough, in-depth review is desired, DISD works with your staff to produce prioritized findings, recommendations, and remediation or mitigation steps to fit your organization's profile.

DISD performs internal network security assessments according to a well-developed and refined methodology, in order to provide thorough, accurate, and reproducible results. Testing typically begins with network configuration and traffic analysis to determine target address ranges, trust relationships, data flows, and infrastructure weaknesses. Consultants then enumerate live hosts, available services, and high-value targets. Automated software is used to efficiently identify known software vulnerabilities and mis-configurations. Consultants subsequently focus on verifying and exploiting exposures and vulnerabilities, escalating privileges, and pivoting within the internal network to compromise systems and gain agreed-upon levels of access, as dictated by the rules of engagement.

Activities involved in an internal network penetration test include, but are not limited to:

DISD works with our customers to identify the goals of security assessments prior to testing, and is available to assist in remediation efforts upon request.