Information Security Challenges
We deliver solutions to your IS challenges and specialise in tackling and solving the most challenging information security issues.
GNS works with customers at any stage of the business cycle, delivering a complete package of services to meet their entire range of security needs. Working with GNS, customers can choose standard solutions, custom solutions, or both, delivering proprietary advantages. This is achieved by use of industry-leading security products coupled with the latest technologies.
GNS has access to the best resources, in terms of both technology and specialists, ensuring that your IT organisation is further enriched by our contribution. Your IT organisation can challenge GNS to test the accessibility built into your network system, and with this authorisation we will check for weak points that may allow ingress onto your network and, where needed, suggest or provide solutions.
Types of challenges we can meet
Security Training
GNS provides “Security Training” by way of instructing your key IT security personnel on the latest IS topics, including information security research and techniques. Our training encompasses the latest penetration testing, exploit development and software training methods, and can be customised to suit your business model.
Penetration Testing
With client authorisation, GNS will initiate an attempt to breach the information security architecture of your system using attacker techniques. Our penetration testing service goes beyond vulnerability scanners by enabling real-world attacks on your IT assets. This service will efficiently assess the specific threats to your organisation and present an analysis of the security risks identified and how to mitigate them. The sole purpose of our penetration testing service is to improve the information security posture of your organisation.
When you request GNS Security Consulting Services to provide a specialised, objective assessment of your organisation’s security vulnerabilities, you get a top-level team of IS consultants who are also IS researchers. That’s because we believe that IS research must be linked to real-world IS problems, and real-world IS problems must influence what we research.
With your IT team, our SCS team will undertake a 7-Stage Penetration Testing Process:
1- Define the Work Plan
The first stage sets the objectives of the penetration test and the attackers’ profiles for the tests, ranging from what potential havoc an authorised user can effect on your network through to the most nefarious business-injuring destruction that a determined hacker can cause. From there, there must be agreement on the scope of the penetration test, including internal and external servers. Also scoped will be all components of the security architecture, remote-access devices, and shared workstations. Finally, analysis of the findings is most important in defining the success criteria. Both positive and negative findings should be analysed in order for your organisation to measure the results against predetermined criteria, including both external and internal attacks.
2- Gathering of Organisational and Infrastructure Intelligence
The GNS team gathers technical details about the target hosts, including identification of network access points, network mapping and OS fingerprinting, and gathers publicly available information on the owner of the network or application in question to plan a comprehensive attack.
3- Detect Vulnerabilities
The GNS team then conducts the authorised attacks. Using public, custom, and professional tools, including our own penetration-testing framework, GNS will search for vulnerabilities in the targets which will allow access permission. These tests will expose compromised hosts that will be used as escalation points during the next stages.
4- Analyse and Plan
Next, the GNS team collates the information gathered during the previous stage so that they can plan a series of subsequent actions, including planning the overall approach to testing each network entry point, which in turn will formalise which targets require further research.
5- Attack and Escalate Privileges
Based on the analysis the GNS team has just made, the pen testers perform an attack, taking advantage of system and user privileges obtained from the previous stages. Using compromised hosts as vantage points, they escalate the attack to other targets, obtaining elevated privileges that lead to still further compromise of the network’s operating systems and corporate data. They will then continue to pivot and loop back through stages 2-5 until the goals defined in the Work Plan are achieved.
6- Report Analysis
At this point GNS is ready to report high-risk vulnerabilities to the client. The pen testing team consolidates and analyses the findings and reports formally at the end of the engagement to your IT decision-makers so that your organisation is better informed and better prepared to conduct your own penetration testing or to direct additional consulting services.
We review:
- The Objectives and Scope of the penetration test.
- Conclusions from each test phase regarding remedies required and the relative priority of the recommendations.
- Details gathered on every system, including the high-risk systems found vulnerable to attack, and detailed lists of vulnerabilities.
7- Clean up
The GNS team cleans up all traces of the pen test by removing all testing traces from compromised systems, returning the system and any compromised hosts to the exact configurations that they had prior to the penetration test.