"They helped interviewing IT staff."
Penetration Test Agreement
Do you leave a door or window open when you leave your house? Do you leave a door or window open without having control over who accesses it? Do you have your front door protected with a generic key?
Any questions answered with a “NO”? It may come as a shock, but this is most likely how your devices are secured. In general, software goes to market because of budget and deadlines. A famous saying is that “software is like bananas; they ripe at the customer”; making money outweighs your security. If you take safety seriously, having us audit your system is the first thing you should consider.
How do you know what risks you have, and how easy is it to gain access to your systems?
Subscribe to our automated penetration tests. When you do, we will regularly monitor your system using our tools. Having us monitor the public access to your systems enables you to defend against the exploits malicious actors use to attack computer systems and software similar to yours.
Many years of experience have taught us that no “one solution fits all problems” and nothing is as easy to solve as they say it is. It will either cost you too much, or it will not solve your problem, which will cost you even more.
We are very careful when we execute a penetration test, we do not test services that are vulnerable to accidental outages and data corruption, we never enter a system nor do we extract data.
We do not believe in secure systems even when data is encrypted. Thats why we do not like to store data, specially client identifiable data like matching vulnerability to client accounts. If we detect a issue we will send you a report and delete any data we have collected.
Because we write the tools that other use.
Frequently asked questions
Simple to answer really, consider the following 8 points
- Have you been handing out your WiFi password to some one, especially some one you no longer have a relationship with?
- Have you shared an account like streaming service like Netflix, Disney, Amazon?
- Could some one that was at your house have gained access to your smart devices?
- Did some one use your phone, lets say to order food?
- Did you dispose of old electronics like a printer, a phone, or any wireless-enabled wearable technology like a watch or Fitbit?
- You're internet service provider gave you some router, or your router is cheep, or more than a year old?
If any of the above is a ''yes'' then first, before you continue reading do this, in this order
- change the passwords on your email accounts
- change all the passwords to all financial services (banking, Credit cards, Investment portfolios...)
- change all passwords on all your social media accounts
Also, if any of the following is true 7 You any one in your household plays on-line games. 8 You have data that ... you can't afford to loose, or would not like to share with the whole world.
Here are the common ways where you will be exposed
- Infrastructure gets attacked from the world wide web by dual use software that will scan for vulnerabilities on your network literally giving a detailed road map of how to gain access;
- Your WiFi network is easily targeted by individuals that attack router via its default user name and password as well as remote management configurations. If they really want to get in, then they will get in, and they will use software like RouterSploit or MetaSploit to join your network;
- Infrastructure gets attacked by its own edge devices like routers and firewalls, sounds bizarre right, well it’s the most common exploit used by attackers. A hacker will take over an edge device like a router and use the router to attack the owner of the network from within;
- You get attacked via your local network using compromised hardware like other computers on the network. The network can be your home or office network but also that cool VPN network;
- Users get attacked by your IoT devices like a smart thermostat, smart TV’s, smart light bulbs, Air-conditioning, even their own phone via that cool app/ game. All these devices have software that is not designed with security in mind and has no anti-virus or firewall on it;
- Large organizations get attacked all the time via an employee bringing compromised hardware to the workplace or, the user gets compromised themselves when he/she connects to the office.
If you provide us with your email address we will use it to inform you when we detect that your personal data is being sold on the dark-web. If you do not than this feature will only work if your PC is active as your PC knows your email addresses and the intrusion detection service validates those for you.
Some services like emailing customer support or contacting us via WhatsApp requires us being able to identify who you are and that you are a client with an active support contract. It would likely speed things up but most of the time it's not needed.
IDPS comes with several extra layers of protection, the list is not complete but it represents the 6 most common ways ransomware/ cybercrime is used to bypass a firewall:
Windows firewalls leaves a computer wide open to any outgoing communication, even when communicating to known malware-controlled servers, IDPS prevents that.
Cyberattacks are coming at you from all places and at all times, it’s relentless and it’s automated. Windows is extremely “user friendly” in that it allows attackers an infinite number of attacks and actually never takes any defensive measures. IDPS does, if a network scan or attack is detected then any and all access from that source is blocked, even if the attacker eventually would “guess” the right login/password combination or port he will never gain access as he is already blacklisted.
IDPS is fully automated and actively monitors your computer. it requires no user interaction, no data subscriptions, and therefore no computer skills to stop an attacker.
IDPS will detect abnormal communication. If it does, then IDPS will shield your computer and block these computers or smart devices in your office or your home network from harming your computer.
IDPS can send automated firewall abuse reports to the Internet Service Providers that are hosting these malicious activities. If after some time the activity doesn’t stop, then IDPS just blocks the whole data center from accessing your computer and your computer from accessing that data center, it’s like they no longer exist.
IDPS will block domains and IP addresses from known active malicious and or infected domains. This prevents any application on your computer, and not just browsers, from accessing these infected sites. By blocking these domains IDPS also protects you from other attack vectors like spear-phishing emails or macros that use these sites to download malicious payloads. Being able to block malicious domains is important as a blocked domains can’t be used to infect your system.
The cold hard truth is that an Antivirus application only reacts. An anti-virus application works by checking your files against a list of known virus signatures. Think about it this way, last week’s viruses will make it into next week’s anti-virus definitions. If a virus is new and yet unknown, there is nothing to compare it to. IDPS offers a safe environment for these files to be opened, if they execute malicious code, it will do so without causing harm and you won’t get infected.
No, all products are licensed per machine as it is a machine that is protected. The machine can have several users, they will all be protected, that’s fine.
What our customers are saying
The following terms and conditions apply to all software products offered by VESNX. Please note that the terms on this page are a small subset of terms and conditions that can be found at: https://www.vesnx.com/terms.
Products with a perpetual license do not expire and will be maintained by VESNX for as long as the operating system is supported by its vendor."
Products with a subscription are eligible for product updates and support migrations with the vendors operating system.
All products have access to product security updates, normally these updates are applied without you, the user having to get involved. Any products that have dependencies on malware signatures are automatically updated using the frequency in the settings of the products. Depending on the product, these updates could be near-real-time or with an interval ranging from minutes to days.