F1 Solutions offers a wide variety of vulnerability testing services. Many of the government regulations that you fall under may ask for some or all of these components to be employed.
Internal and External Vulnerability Scans
This network scanning tool allows us to find hidden vulnerabilities that may exist on your network. We will do a risk analysis of your network and measure it against your particular regulation to insure compliance. We will present you with an easy to read but detailed remediation plan with timelines of work completion. We utilize two of the industries most trusted scanning tools in conjunction with our experienced team reviewing all reports.
Many regulations for data protection require that you perform a “White Hat” test phishing expedition on your staff to identify who is most likely susceptible to malicious phishing campaigns from the outside. This is not designed to chastise your staff, but to identify areas that we should focus on for detailed remedial training on malware and phishing e-mails. F1 can offer several levels of employee phishing e-mail campaigns and will provide a detailed report of who fell for the campaign and what information was gleaned. This is to test your end user security awareness. F1 will help you develop a targeted training to address any issues that the campaign highlights.
By using common hacker tools, we will take your passwords as they are on your network and see how long it takes for us to break them. Anything over a few hours is considered strong. If a password is cracked in a few minutes it is considered vulnerable. You will be provided a list of passwords that we accessed, with an evaluated strength level and a report of those that might need to be changed.