Vulnerability Assessment and Penetration Testing Across the Enterprise

In this new white paper by Pwnie Express, we provide an overview of vulnerability assessment and penetration testing. We demonstrate why such measures are critical to the long-term health and success of enterprises across vertical industries. We also present the features and benefits of Pwnie Express’s technologies, which are the only vulnerability assessment and penetration testing solutions on the market that assess wired and wireless network security in hard-to-reach remote locations, simply, cost-effectively and on demand.

[button link=”http://store.pwnieexpress.com/vulnerability-assessment-penetration-testing-across-enterprise/” size=”large” color=”red”]Download Now…[/button]

Excerpt

Today’s increasingly complex enterprise IT infrastructures consist of hundreds if not thousands of systems and subsystems generally distributed and often in hard-to-reach locations.  The growing use of varying technologies by enterprises and their employees as wired and wireless systems evolve makes the task of assessing the security risks associated with the seemingly endless stream of vulnerabilities and attack vectors ever more pressing and difficult.

IT security team members need to be all seeing, all knowing. They require continuous insight into who and what is hitting their infrastructure and must adopt vulnerability assessment and penetration testing as an integral part of their security and risk management.  For IT staffs responsible for maintaining the infrastructure and continually evaluating the security posture, vulnerability assessment and penetration testing will enable them to:

  • See all the things.  Vulnerability assessment and penetration testing provides critical visibility, showing the weaknesses in all aspects of an organization’s infrastructure. By obtaining this invaluable insight on demand in both wired and wireless networks, an organization can identify which threats pose real exploitable risks and can intelligently manage them.
  • Meet compliance mandates. Federal governments and industry consortiums have recognized the escalating cyber crime threat and subsequent increasing number of breaches. To mitigate risk they have established regulations like the Payment Card Industry Data Security Standard (PCI DSS). Implementing a strong assessment and testing program enables organizations to provide the information they need to meet compliance and more importantly heighten their actual security posture.
  • Avoid network downtime. In the short term, recovering from a security breach can result in lost revenues, and costly and timely OT remediation efforts.  In the long term, downtime could lead to customer flight and cost an organization millions of dollars. By preventing interruptions customers can continue to transact and revenue can continue to flow.
  • Maintain corporate brand. Every single incident of compromised customer data also can be costly to a company’s reputation as trust is breached.  By seeing all the things organizations now have insight into potential threat vectors across their entire distributed infrastructures enabling them to prevent or quickly mitigate breaches to ensure their brand equity remains intact.
  • Justify existing security investments. Vulnerability assessment and penetration validates the effectiveness of an organization’s current security infrastructure. The increased visibility can be used to demonstrate what, if any, additional security technologies need to be instituted and/or security measures need to be taken.

 

Stephen Pace Appointed New Executive Vice President of Sales and Services

Accomplished IT Sales Executive to Drive Adoption of Company’s Network Vulnerability Assessment and Penetration Testing Solutions
January 22, 2014

Pwnie Express, the only technology to assess wired and wireless network security in remote locations on demand, today announced Stephen Pace would join as executive vice president of sales and services. Pace will be responsible for driving Pwnie Express’s sales strategy and global expansion.

Pace is a highly accomplished, results-oriented sales executive with more than 30 years experience in helping early- to mid-stage companies rapidly capture market share.  Steve was responsible for sales, channels, service and support at Core Security, a leading provider of predictive security intelligence solutions.  Earlier, Pace also was a founding member and chief operating officer of Chosen Security, acquired by PGP. He also has served as VP of sales and services at GeoTrust, which was acquired by VeriSign, senior vice president of sales and marketing at NaviSite, which was sold to Time Warner, and SVP of worldwide sales and marketing at Seagate Software, which was acquired by Veritas.

“Pwnie Express has significantly advanced the state-of-the-art for enterprise security intelligence to address today’s threats in both wired and wireless networks,” said Pace. “With the real-time capability using their innovative sensors that make it incredibly easy to see all the things in order to assess risk in remote and distributed networks, customers can rapidly and easily evaluate the hard-to reach areas of their organization, which are providing today’s high-risk attack paths.  I look forward to contributing to the company’s sales and market growth at this pivotal time.”

“Steve has a proven track record of successfully building customer focused sales and services teams and growing revenue for emerging leaders in information security,” said Paul Paget, Pwnie Express CEO. “He is a demonstrated strategic sales leader having directed enterprise security startup companies and will be a great asset to the Pwnie Express team.”

About Pwnie Express 
Pwnie Express is the leading provider of innovative sensors that assess network security risks in remote and hard to reach locations. Thousands of enterprises and government organizations worldwide rely on Pwnie Express’s products to conduct drop-box penetration testing and provide unprecedented insight into their distributed network infrastructure. Pwnie Express’s smart devices all organizations to see all the things while leveraging open source tools and platforms. The award-winning products are backed by the expertise of Pwnie Express Labs, the company’s security research arm. The company is headquartered in Boston, Massachusetts. For more information contact http://store.pwnieexpress.com

[Press Release]

Pwnie Express Finalist for 10th Annual Info Security’s Global Excellence Award

We are proud to announce that Pwnie Express’s Pwn Plug R2 is a finalist for Info Security Products Guide’s 10th Annual Info Security’s Global Excellence Award in their “Tomorrow’s Technology Today” category.

Dubbed a “hack-in-the-box” (white hat of course) by users and industry experts, the Pwn Plug R2 is a tightly-integrated penetration testing and network vulnerability assessment platform in a portable, shippable, plug-and-pwn form factor. The sleek Pwn Plug R2 looks like a small WiFi access point or router. But inside it’s actually a Linux-powered penetration and network assessment tool, providing white hat hackers and enterprise network security professionals a “drop box” system that can easily be shipped, activated and remotely controlled over a covert Internet channel or cellular data connection. For the first time organizations — whether it is, for example, a retail store, bank, government office or hospital — have unparalleled visibility into remote and branch offices, without having to travel. With the Pwn Plug R2 they now can know and continuously monitor what’s out there and what devices they are connected to. It is easy (just plug and Pwn) and cost effective.

Once a Pwn Plug R2 is deployed and turned on, it will automatically tunnel out of whatever network it’s plugged into over various covert channels that attackers usually use, such as tunneling over a trusted protocol like HTTP, SSL, DNS, and ICMP. And then if none of those work, it can always be accessed over 4G. With onboard high-gain wireless and dual-Ethernet, external high-gain Bluetooth, 4G/GSM cellular, more storage, and advanced software, the Pwn Plug R2 is the enterprise penetration tester’s dream tool.

(Original Article)

Focused on Making Network Security Improvement Easier

I want to explain my excitement about joining the Pwnie Express team and talk about what we are doing. I am excited to join Dave Porcello. For those of you who are new to Pwnie Express, Dave founded the company after he developed a way to easily assess the security of remote locations with low profile Pwn Plugs that work the moment they are plugged in. He then created a very cool Pwn Pad to arm mobile security professionals charged with protecting their organizations.

A couple of years ago, Dave left his day job and started selling these stealthy plugs full time out of his basement in Vermont. The Pwn Plugs and Pads are smart and pack an incredible amount of capability into a small device, costing just over $1,000 dollars each. These powerful, low profile little gems can see all the wired and wireless connections in a location and that’s only the beginning of what they can do. 406 Ventures and Fairhaven Capital invested in Dave and his idea and I had the opportunity to join him.

We now opened a small office in Boston’s Seaport and maintain our research lab in Vermont. We are building a team that is focused on continuing to make it incredibly simple to see all the things in your remote networks, wired and wireless, and know if and how your network security is working.

Most companies have limited knowledge of what’s going on in remote locations because assessments are costly and difficult to conduct in distributed enterprises with far flung branch offices and firewalls by design limit visibility and testing. Because Pwnie Express operates without compromising security policies and the devices can be easily shipped and plugged in, we make it effortless for organizations to monitor all of their remote locations from one point.

Stay tuned as we develop new, straightforward and more powerful devices as well as a secure central service that will make it simple to see and know about all the things running in your remote locations.

We believe it is important to make it easy for organizations to improve their network security while dramatically lowering the costs to assess remote locations.