Cyber Fox is an EC-Council accredited training center in Vijayawada, and the institute provides the best Certified Penetration Testing Engineer (CPTE) training in Vijayawada.
Network Security Vulnerability Scanning & Penetration Testing
About Us
• Assisted >1 million merchants
• Largest PCI support staff worldwide
• Certified as ASV, PFI, QSA, PA QSA
• Member of PCI Security Standard Council task forces and special interest groups
• Performs on-site auditing, forensic investigations, penetration testing, vulnerability scanning, security consulting, PCI compliance
• Offers network security devices, data discovery software
Testing Network Security
• 93% of large organisations and 76% of small businesses experienced a security breach in 2011 (Information Security Breaches Survey, 2012)
• Compromise costs
  – Financial penalties
  – Average organisational cost $5.5 million (Ponemon Institute, 2012)
  – Significant loss of reputation/brand trust
• Various ways to test network security
  – Vulnerability scan
  – Penetration test
  – Anti-virus/malware software
  – Appliances (Intrusion Prevention Systems)
  – Spyware (most thorough)
Vulnerability Scan (VA scan)
An automated, high-level test
• Identifies network weaknesses and ranks how critical they are
• Gives a beginning look at what possibly could be exploited
Process
• Should be conducted by a company with accreditation (i.e., PCI SSC Approved Scanning Vendor)
• Automatic network scans on a quarterly basis
• Report of weaknesses, false positives
• Weaknesses patched on a prioritised basis
• Good VA scan searches for over 50,000 vulnerabilities
Benefits
• Takes a matter of minutes
• Quick high-level look at possible vulnerabilities
• Very affordable
• Automatic
Limitations
• Sometimes test falsely classifies object as a vulnerability (false positive)
• Manually check each vulnerability before testing again
Penetration Test
An exhaustive, live examination
• Analyst takes on “hacker” role
Process
• Live attempt to exploit vulnerabilities
• Try to fake passwords, manipulate code, fool web servers into giving sensitive information
• Run automatic vulnerability scan
• Follow up on reported vulnerabilities
• Prove the vulnerability can be exploited
• Internal and external testing
  – External: perspective of a hacker over the Internet
  – Internal: perspective of someone within the network
• Report findings and recommendations per target
Benefits
• More accurate, thorough than VA scan
• Manual: Live analyst reviews the logic of the application and determines how to leverage access
• Rules out false positives
Limitations
• Cost
• Time (1 day to 3 weeks)
Comparison
Vulnerability Scan | Penetration Test
Automated | Manual
Minutes | Days
Scheduled | Annually (after significant change)
Passive | Aggressive
Report false positives | Rules out false positives
Programmed | Intuitive
Identical scans | Accurate/thorough
N/A | Exploitation (main difference)
Both tests work together to encourage optimal network security
Conclusion
• Computer intrusion was responsible for 83% of the total reported exposed records in 2011 and 1/3 total breaches. (Data Breach Intelligence Report, 2012)
“History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst… Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.”
- Bruce Schneier: cryptographer, security expert
Contact us
Cyber Fox Technology
Address: 3rd Floor, Lohia Towers, Nirmala Convent Road, Patmata, Distt. Krishna, Vijayawada (India)
Contact Email: info@cyberfoxtechnology.org
Mobile: +91-9652038194
Website: http://cyberfoxtechnology.org