Package

Business Essentials

This package is designed to be a cost-effective security solution to gauge your organisation’s security posture against the most likely attack vectors.

Data Breach / Credentials Theft Analysis

Email leak search in public and private leak databases.

Credential leak search in public and private leak databases.

Domain name search for compromise / breaches.

The outcome is a detailed report showing whether your organisation has been compromised and what level of risk it currently faces due to credential leaks, including susceptibility to password stuffing attacks via the organisation’s internet-facing authenticated services.

External Penetration Test

Commercial-grade vulnerability scanning against external network / internet perimeter (up to 30 IP addresses).

Penetration testing of external network / internet perimeter (up to 30 IP addresses).

Assessment covers web applications, network devices, remote access solutions, firewalls and any networked service published to the internet.

The outcome is a detailed report showing what services each host has published to the internet, what services are vulnerable to attack, the extent to which each vulnerability can be exploited, and expert advice on how to mitigate the risks that were uncovered during the assessment.

Web Application Penetration Test

Commercial-grade vulnerability scanning of web applications (up to 5 web applications), as an unauthenticated user, checking for all common web vulnerabilities (based on OWASP Top 10).

Automated and manual web application penetration testing as an unauthenticated user (up to 5 web applications).

The outcome is a detailed section in the report that covers the methodology and checks performed, the issues identified, and expert advice on how to remediate each discovered vulnerability.

Business Email Security Review

A Business Email Security Review is a hybrid security assessment that involves:

Checking external email configurations (DNS, MX, SPF, DKIM, DMARC).

Scanning external-facing email services with a commercial-grade vulnerability scanner to determine open services, misconfigurations, access control issues, encryption, and software vulnerabilities.

Manual security checks (connecting directly to the SMTP service, testing authorisation controls).

Testing for insecure remote access (e.g. OWA).

Firewall Hardening Security Review

A Firewall Hardening Security Review is a hybrid security review that entails both technical and documentation reviews.

An external vulnerability scan of internet-facing firewall interfaces, identifying open services, misconfigurations, and vulnerabilities.

A review of the firewall’s configuration against industry best practices (CIS or NIST). This identifies insecure firewall rules, access policies, software patching levels, etc.

Pricing and Conditions

$6000 AUD exGST

External Network: No more than 30 active IP addresses.

Web Application: Unauthenticated penetration testing only (not testing user logins). Up to 5

Business Email: No more than 2 external email servers / services.

Firewall: No more than 2 internet-facing firewalls.

Optional Addons

This is a flexible package and services can be swapped in and out. Please view our full services list if you would like more options.

Book a free Cyber Security consultation today