Comodo Penetration Testing provides a compliance service that effectively supports business areas in their duty to comply with relevant laws and regulations and internal procedures
The systematic enumeration and prioritization of the risks that a system or network faces is crucial to understanding how it should be secured. Using a hybrid approach between attacker centric and asset centric modeling methods, Dragon Labs can expose the risks to your most critical assets.
Starting with a detailed classification of assets, data and business processes, we gain an in-depth understanding of what is important for you and what would be of interest for an attacker.
We've all heard the expression "one man's trash is another man's treasure". In the field of cybercrimes, this is exceptionally true. As valuable as your database might be to you, it could be far more valuable to a hacker who can use your data to send spam mails and commit financial fraud.
The attacker centric approach that follows this initial audit allows us to add the attacker's point-of-view.
All possible attacks are gathering in detailed attack trees and each is carefully analyzed for their feasibility and potential damage. Potential attackers are also profiled and the critical assets each profile could target are listed.
Data resulting from the threat modeling made by Dragon Labs also helps companies better plan their information security investments and increase their ROI.