LOOPHOLD Security Distribution, local distributor of Trustwave information security and compliance solutions, has announced the release of Trustwave’s PenTest Manager. PenTest Manager offers enterprise clients the ability to manage all forms of penetration tests in real-time, and view live detailed test results and recommendations. PenTest Manager delivers media demonstrations of evidence gathered in penetration tests.
Penetration Testing, or ethical hacking, helps ensure proper security controls are in place to protect an organisation from attack by cyber criminals hoping to steal valuable information and cause business disruption. PenTest Manager provides users with at-a-glance views of projects, test status and findings to manage application, network, physical and wireless penetration tests, performed by Trustwave’s advanced security team, SpiderLabsR.
The vulnerability evidence provided by PenTest Manager includes image slideshows and screen capture videos displaying how each vulnerability is exploited. This proof of exploitation shows executives and security staff the true impact of each vulnerability in a way traditional reports cannot.
No other testing team allows clients to “look over the shoulder” of an ethical hacker in this manner as they expose weaknesses in critical systems.
Says Martin Tassev, MD at LOOPHOLD Security Distribution, “In today’s online threat landscape, immediacy is key. That’s why the PenTest Manager is so effective – it allows real-time collaboration between the Central Information Security Officer (CISO) and the testers, and also provides the CISO with a clear understanding of vulnerabilities – so they essentially get a ‘first-hand’ look of the weaknesses in their systems.”
In addition to media based evidence, detailed reporting and recommendations are provided to help clients secure the tested environment. Unlike traditional PDF-based reports, PenTest Manager allows customers to search current and historical vulnerabilities, and track remediation efforts.
To ensure that application vulnerabilities don’t leave holes for intruders, virtual patches for Web Application Firewalls are custom-built by SpiderLabs, specific to each exploitable vulnerability. This minimises the vulnerability of applications as developers fix the underlying software issues.