3Com® TippingPoint™ Security Posture Assessment

The 3Com® TippingPoint™ Security Posture Assessment provides a comprehensive security evaluation for the network identifying vulnerabilities, weaknesses, and exposure to exploitation on the external and internal infrastructure. A detailed report provides a snapshot-in-time of the network's vulnerabilities to help build an effective security posture. The report includes recommendations on administrative actions and technologies available to keep the network secure.

A security specialist certified by TippingPoint, a division of 3Com and an industry leader in intrusion prevention, manages the assessment from start to finish. The service includes network mapping, identification, confirmation, and exploitation of possible vulnerabilities that are found on networks.

The security specialist performs security scans of network devices, servers, and workstations for possible vulnerabilities. Once initial identification is complete, the TippingPoint Security Posture Assessment goes one step further than many assessment services by manually verifying potential threats that are identified by the tests. This includes the logical follow-through of results across other hosts that may have passed initial remote testing. The security specialist will attempt to gain privileged access to the hosts, crack weak passwords, and collect screenshots or other data samples to show examples of access gained and statistics that can be used to help build a strong security posture.

Using a variety of sophisticated open source tools and an exclusive program developed by TippingPoint intrusion prevention engineers, the security specialist is able to perform even the most recently identified attacks and exploits. While effectively testing for access and security breaches, these tests are performed with careful attention to detail, to ensure the safety of networks.

The final report includes the test methods used to identify network vulnerabilities, the services running on all assessed hosts, results from the assessment findings, and expert analysis based on the security engineer's extensive experience with the broad spectrum of security threats. The report recommendations are vendor-neutral, and applicable to any network as the report specifies administrative actions as well as broad technologies that can be applied to address areas of interest.