Penetration Testing

Penetration testing is our core service offering and our true area of expertise. A penetration test conducted by Orion will emulate a highly skilled attacker, and will leave you knowing, not just hoping, that your network/systems defenses have been properly tested. A typical Orion pen test team is made up of 3-4 security engineers, each with a minimum of 10 years in Information Security, with most of those being in penetration testing. Orion security engineers have written books on the topic, have researched and discovered new vulnerabilities (zero day), are up to date on emerging threats and trends, and have each conducted dozens of penetration tests. Orion Solutions is capable of testing all aspects of your systems – wireless, web applications, applications, network, modem connections, social engineering attacks, and more. Results from a vulnerability scanner are often some of the last things we look at when doing a penetration test – we think like an attacker, so we target “soft” systems first. We usually gain access to systems and find vulnerabilities that a scanner doesn’t. The product of an Orion penetration test is not simply a regurgitated vulnerability scanner report. Rather, we perform a qualitative analysis of the vulnerabilities of your system and present the true impact of a particular vulnerability. Let’s face it – sometimes a “High” vulnerability found by a scanner means nothing, and the inverse is also true – a “Low” can compromise your system.

Vulnerability Scanning and Assessment

Orion engineers have been working with vulnerability scanning software since its inception, and if there’s one thing we know, it’s how to tune and optimize it. What good is a vulnerability assessment if not all the hosts were discovered? If the organization’s mission has been disrupted because of improper settings in the scanning software and important systems have crashed, what good is the report? We take great pains and caution to ensure that our scanning activity does not impact the organization’s mission and business operations. We have over a decade of experience in scanning and assessing fragile networks and systems. Some of these control spacecraft; others control power grids.

Security Architecture Review

In this review, usually combined with a penetration test or vulnerability assessment, we examine the network architecture and overall system boundary for weaknesses. We conduct “tabletop” reviews of firewall rule sets, IDS configurations, router and switch configurations, and then conduct scanning to technically validate what we see in the configuration files. We interview system and network administrators, and attempt to determine whether their administration practices are sound.

Certification and Accreditation Activities

Orion has significant experience conducting a wide range of C&A activities – we’re exceptionally good at conducting Security Testing and Evaluation (ST&E), Risk Assessments, POAMs, vulnerability scanning, and penetration testing. We are able to conduct an ST&E fairly quickly, as we automate technical controls testing using vulnerability scanning software. We often team with our partners to provide more complete and robust C&A capabilities.

Forensics and Incident Response

We are capable of doing both “dead box” forensics and live forensics, along with network forensics and intrusion detection. Our engineers have years of experience in detecting and preventing attacks in large government enterprises, and have developed custom solutions where needed.