Regulatory Compliance Services


Penetration Testing Services

Penetration Testing services from CSI help you prevent information security vulnerabilities through ethical hacking.

Often known as “security testing” or “pen testing,” penetration testing actually attacks your own IT system, searching for holes in your security.

Regular and professional penetration testing of your network’s ability to withstand attacks is crucial to your Information Security program. In fact, your financial institution is expected to perform an internal pen test and external pen test of your networks at least once per year in order to meet Gramm-Leach-Bliley Act (GLBA) compliance.

External Penetration Testing

CSI provides superior external penetration testing performed by our GIAC- and CISSP-certified consultants, who adopt a real-world attacker’s methodology of reconnaissance, scanning and exploitation through hacking testing. 

Our External Penetration Testing includes:

  • Gathering of public information that could be used to penetrate your network
  • Vulnerability scanning to identify weaknesses
  • Vulnerability assessment to verify the results and determine potential impact
  • Conducting safe “exploit” attempts using the information uncovered
  • Testing of such Internet devices as firewalls, perimeter routers, Web servers, mail services, etc.
  • Thorough post-test reporting

Internal Penetration Testing

Information Security program guidelines instruct financial institutions to conduct annual internal network and application-layer penetration testing to ensure the security of customer information and assets.

With Internal Penetration Testing, CSI will:

  • Help your staff identify potential targets and attempt to gain access
  • Attempt to exploit vulnerabilities without the interruption of services
  • Identify vulnerabilities through hands-on, manual testing and research
  • Identify issues and situations that a basic scan would not detect
  • Consult with management to develop a list of observations and recommendations
  • Provide thorough documentation
  • Offer an optional addition of Wireless Network Audit

Wireless Network Audit

As an additional option, CSI’s Wireless Network Audit performs limited social engineering testing to entice users to connect to unauthorized access points in order to test the encryption and authentication methods in use on your wireless networks. 

Learn More About External and Internal Penetration Testing

Don’t wait until your business suffers a security breach. Contact CSI today to learn more about financial industry penetration testing. Just complete an online contact form, and we’ll reach out to you.