Wireless LANs offer an easy to use, easy to deploy and highly mobile method of connecting to a Corporate LAN. Because of this and plummeting costs there has been explosive growth in the deployment of 802.11 networks. The security of these networks however is often overlooked.
Contrary to popular belief the 802.11 signals can travel large distances from the access point, often hundreds of meters, often allowing the signal to radiate outside corporate boundaries. This combined with poor or non-existent security measures gives an attacker any easy opportunity to gain access to company data and networks.
It is not uncommon to find unauthorised "open" access points which have been connected to the Corporate LAN without the knowledge of the network or security departments. These rogue access points are difficult to detect on the network and they are physically small enough to go unnoticed. The security threat can be considered as similar to that of the un-authorised or un-secured modem.
To minimise the risk from this threat it is essential to understand what access points are installed, where they are and how they are configured. Pentest offers an 802.11 Wireless LAN site auditing service to help answer these questions, ensuring that wireless networks are properly secured and vulnerabilities fixed before they can be exploited. This service can be performed on a regular basis, to ensure that newly introduced "rogue" access points are detected, as part of a general security audit or as a specific audit of wireless network devices within your enterprise.
Pentest’s work is not just about finding vulnerabilities! Thanks to their ability to clearly interpret and communicate their findings, Pentest researchers play a role in educating Oracle developers about current and emerging security threats that customers will face in “real-life” deployments
Pentest offers a complete Database Security Assessment Service (DSAS) to businesses that rely on the security of the information held within their databases or have concerns relating to the security compliance of these systems.