Sage’s External Vulnerability Assessment and Penetration Test identifies the key strengths and weaknesses of your current environment, allowing you to see how it would handle various types of cyber-attacks. Once we’ve assessed your system for vulnerabilities, we conduct simulated attacks where we behave like the world’s most sophisticated cyber-intruder to determine how those vulnerabilities could be exploited. Using the results, we develop a remediation strategy that will help you mitigate the risk of falling victim to legitimate cyber intruders.
Through the testing, we will:
Sage takes a phased approach to assessing your system, with tools including:
What we learn in the Assessment Phase determines how we conduct the final phase:
Only certified Sage personnel are authorized to conduct our testing, which we perform using both automated and manual tools, commercial and open source applications, as well as internally developed proprietary tools and testing mechanisms. We never subcontract any part of our testing.
To avoid unnecessary interruptions to your workflow, we will never attempt attacks known to cause a denial of service (DoS). We provide you with the source testing IP addresses in advance, and notify you each day when testing will begin and end. If you prefer, we can schedule all of our testing during non-business hours.
Once we have completed the External Network Vulnerability Assessment and Penetration Test, we will provide you with:
There is no single, straight path that will get you to the point where you can say, “We did it! We’re 100% cyber-secure.”
A more realistic destination is cyber resiliency – the ability to prepare for and adapt to changing conditions, so you can withstand and recover rapidly from disruptions. Achieving cyber resilience depends on what we like to call the cybersecurity lifecycle – an ongoing cycle of interconnected elements that compliment and reinforce one another.