R. Kinney Williams - Yennik, Inc.
R. Kinney Williams

 
Yennik, Inc.

VISTA Penetration Study
Internet and internal network security testing
for US banks, savings & loans, and credit unions

 


Phases involved in the Vulnerability Internet Security Test Audit

Frequently ask questions

VISTA Phase I

After we have received your authorization, we start working with you and will conduct the Vulnerability Internet Security Test Audit (VISTA) as soon as possible.  Normally, you will received the finally reports in one to two business days.  

The VISTA does not trigger a Denial of Service because the audit allows for a variable bandwidth load (low, medium, high, and maximum) on the machines it is scanning.  We always conduct the testing using "low"  bandwidth so that there is no inference with your operations.  The VISTA closely monitors the time-response (through RTT, response-time tests) and dynamically adjusts the load appropriately so that you will probably not even notice when the VISTA is conducted.

VISTA Phase II

Through a secure SSL browser based connection we log in to your supplied IP address and scan the active IP addresses.  By supplying these IP addresses we are able to scan and identify all network devices accessible via the Internet.

These devices may include routers, switches, hubs, firewalls, Web servers, mail exchangers, UNIX and NT servers, workstations, desktop computers such as PC and Macintoshes, printers, and other network appliances.  

List of Vulnerabilities scanned.

Devices identified Devices scanned
? Routers
? Administrable Switches
? Administrable Hubs
? Operating Systems
? Firewalls
? Web Servers
? FTP Servers
? LDAP Servers
? Load Balancing Servers
? Databases
? E-commerce
? DNS and bind
? Back doors and Trojan horses
? CGI
? Databases
? E-commerce
? File Transfer Protocol
? Firewall
? MS Front Page
? General Remote Services
? Hardware & Network appliances
? Information services
? (NIS, LDAP, WHOIS)
? Information gathering
? Mail services
? News server
? SMB/Netbios Windows file sharing
? SMTP and Mail Transfer
? SNMP
? TCP/IP stasks
? Web server
? MS Windows
? X-Window


VISTA Phase III

During the analysis phase, the Knowledge Base uses its up-to-date database to test for vulnerabilities.  Multiple sources and methods are employed in updating the Knowledge Base.  These methods include the monitoring of hacking sites and research conducted by our service provider's dedicated engineers.  Our service provider has partnered with Security Focus (the leading publisher of vulnerabilities) to ensure that the knowledge base is fully current.


VISTA Phase IV

Once the identification and analysis phase is completed.  We provide easy-to-understand HTML reports that summarize the security of network devices.  At this time, if you are not satisfied with our service, you shall owe us nothing.

? Summary Information
? Network Information
? Host Information
? Vulnerabilities Detected
? Severity Levels
? Potential Consequences
? Recommended Fixes (w/ patches)

We also generate a Management Summary, which contains a global view of the security level of all external network IP addresses and the changes since the last scan.  Sample html reports:

VISTA Management Summary Report

 

VISTA IT Project Report

 

VISTA Phase V

With 34 years IT auditing experience, we provide a written report to your Board of Directors that ensure them that the vulnerability test was conducted properly and that the reported results are accurate.  We are a member of the Information Systems Audit and Control Association and adhere to the Standards for Information Systems Auditing and the Code of Professional Ethics.

Frequently ask questions

E-mail Kinney Williams at examiner@yennik.com or call Office 806-798-7119 to schedule your 
Vulnerability Internet Security Test Audit (VISTA)

Back Button

 

Company Information
Yennik, Inc.
4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

Please visit our other auditing sites:
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
Medical Records Security
US Banks on the Internet  
US Credit Unions on the Internet
Penetration-Vulnerability Testing

 All rights reserved; Our logo Yennik, Inc. is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated
VISTA

We are Americans and will never be defeated.