Professional Services

PENETRATION TESTING


The National Cyber Security Centre (NCSC) describe penetration testing as;

"A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system's security, using the same tools and techniques as an adversary might."


Laneden can help your organisation to identify any security risks you may have across your assets, from your network to your key business systems such as your web applications or transactional components. We can work together to build a statement of works that will bring you peace of mind and, that is not only cost-effective but all so tailored to meet your needs.

COMPLIANCE TESTING


Several standards and compliance frameworks have components specifically relating to security auditing and testing of systems. Either stipulating or suggesting regular third-party security assessments are required to understand if known security vulnerabilities affect relevant systems.

Penetration testing is a critical component of any efficient security programme regardless of any regulatory requirements. In today's environment, all businesses should be taking responsibility for how they manage and process their customer's data.

Regular penetration tests help identify vulnerabilities before any real-world damage that could be caused by their exploitation.

Penetration tests help security professionals identify, prioritise and mitigate security vulnerabilities before the bad guys can exploit them.

PERSISTENT THREAT SIMULATION


Persistent threat simulations use the same open-source intelligence gathering techniques as malicious actors, identifying information that could potentially be used to facilitate attack vectors. Laneden can show what information can be obtained from the public domain not only on you but also your organisation.

Utilising social engineering vectors enabled by the relevant data, Laneden can carry out attacks such as phishing, remote telephone attacks, and physical on-premise attacks.

We can help build a program of works that not only helps you understand what to expect when a persistent attack is underway, but also bring you peace of mind, through understanding how to mitigate these threats.

You would be surprised how much a change in perspective can focus attention.



"The value of experience is not in seeing much, but in seeing wisely."

William Osler

WIRELESS


Wi-Fi technologies, like any other technology, are susceptible to security weaknesses. Weak controls, deprecated protocols, configuration issues, design concerns, and segregation issues. Anyone of these issues could lead to data loss or brand damage.

A wireless assessment can help identify these weaknesses, highlight the risks, and most importantly, help to remediate them.

BUILD REVIEWS


Build reviews are largely dependent on the device or system. However, a typical review would include a physical review of the device itself, a review of security features such as hard disk encryption and the BIOS. A complete audit of the operating system against industry and government security guidelines, as well as potential susceptibility to malware and viral infection.

A combination of scenario-based testing, traditional auditing methods, and in-depth analysis of the configuration of the device/system is an effective way to identify potential nuances in the configuration of the operating system and installed applications, which some common auditing techniques could miss.

A comprehensive and concise report is created, containing detailed information on the device/systems security posture and recommendations to improve your security posture.

Services

Desktop

Services

Server

Services

Laptop

Services

Mobile Device

NETWORK SECURITY


Most businesses have a corporate network, a LAN (local area network), this network is comprised of network devices such as firewalls, routers, and switches. They tend to host services such as Active Directory (AD), Active Directory is a Microsoft product which consists of several services running on a Windows Server. Its purpose is to manage permissions and access to networked resources.

Laneden can help you build a security program that includes regular auditing of these devices, not only the rule sets but identifying known vulnerabilities and general insecure configurations. Delivering a simple to understand report detailing all the findings and recommendations.

Let's work together to bring peace of mind.