Server penetration testing
With this service, we will audit a server, usually via SSH.
We will test that it is being patched correctly and scan for vulnerabilities in OS installed applications such as Apache or MySQL.
Your business’s security ‘posture’ is constantly changing, in line with the ongoing risks, faced from multiple external and internal sources.
A traditional penetration test is a single “point in time” assessment of any endpoint, which is a good start, but can never provide you with total protection. It’s for this reason penetration testing forms just one part of our portfolio.
Dogsbody Total Security offers our customers a continuous cycle of testing and remediation, in order to combat the constantly moving targets which evolve online each day.
“We like to think of ourselves as cybersecurity guardians, watching over your business, constantly protecting you from the bad guys.”
– Dan Benton, founder, Dogsbody Technology
We understand that there is a need to test and check your entire platform regularly. From operating systems to SSL certificates, Dogsbody Total Security works with customers to establish a regime of automated checks and monitoring, combined with human intervention, so that even the smallest aspects of your eco-system are protected.
Package it your way.
We can provide one off services, such as a server vulnerability scan, or for complete peace of mind, most of our customers choose to take our ongoing managed services.
Constantly assessing the best tools available, we only work with the best partners.
We work with industry leader Tenable Inc utilising their multi-award winning tenable.io product to perform scans and assessments and then sit down with you to help make sense of the results.
Running a penetration test is only half the battle. Firstly scans have to be set up correctly by our trained experts, to test exactly what you want. The results you then get back can be complex and confusing. That’s where we add our layer of expertise.
We combine Tenable’s scanning expertise, with our plain English, human, no nonsense approach, to give you the peace of mind you’re looking for. One without the other is like bread without butter.
Some security companies like to baffle and confuse. We don’t.
We are infrastructure agnostic and so whether you’re using a cloud service, we host or you host, if you’re running Linux, we can help.
There are many different types of security service. Here’s how we protect our customers, every day:
With this service, we will audit a server, usually via SSH.
We will test that it is being patched correctly and scan for vulnerabilities in OS installed applications such as Apache or MySQL.
This type of scan will audit a website and its code, usually via HTTP(S). It will test that the site isn’t vulnerable to attacks such as XSS, injection and authentication issues.
This type of scan is particularly important, if you aren’t using a framework and have custom code written just for you.
This service is available for a number of large cloud providers (AWS, Azure, GCP) and looks for common configuration and security mistakes which come from the misconfiguration of infrastructure, built on these platforms.
Credit Card companies require PCI:DSS (Payment Card Industry Data Security Standard) scans for any business taking card payments directly on their websites.
We highly recommend regular security scanning and are happy to offer discounts on quarterly, monthly, weekly or even daily checking. Scheduled scans would only involve us should something change in your infrastructure/report.
Security is woven throughout everything we do. We offer port & resource monitoring as standard as part of our custom maintenance plans alongside helpdesk support for any security concerns.
Everything we do with our managed security services is underpinned with our human touch. We pride ourselves in guiding customers through what can be a difficult process.
Initially, we will sit down with you to define exactly what you want scanned and how / when you would like it completed.
There are always risks associated with a security audit, especially in a production environment. For this reason, scans can be scheduled for a maintenance window or we can work with you to “verify” production servers, whilst running an in-depth analysis on staging servers, ensuring issues will be minimised.
Once configured correctly, the tests will be run. An engineer is always on standby, ready to react should anything untoward happen.
A report will then be created from the scan results and supplied to you within 5 working days of the scan.
This report is written specifically for you and includes a summary page that can be shared with company executives (and suppliers). There is also detail, which can be shared with developers to aid their debugging and resolution of any problems.
We also hold conference calls or face to face meetings with your team, to ensure the report is understood and can be actioned correctly.
Re-scans are included free of charge for up to 28 days after the initial scan. This is a sure fire way of knowing that any identified issues have been resolved to your satisfaction.
Call us for a no obligation chat – let’s help you right away.
If it’s less urgent, give us some detail in the form below and we’ll be right back to you.