Hacking is no longer about curious teenagers, bragging rights and political “hacktivism”, but is now about money making cyber-crime. While the first response of most organizations is “I don’t have anything worth stealing”, what many IT administrators don’t understand is that cyber criminals can use your website to distribute malicious software to your visitors – without changing the content on your site. They can change account numbers in your payroll system, or even add new employees which can be difficult to detect. They can also sit in silence with keystroke loggers waiting for someone to connect to a net-banking site.
Having an intrusion prevention system can stop known attacks, and often can give warning of zero day attacks (as hosts are usually scanned for vulnerabilities before exploits are attempted). Breaking into a site with a well maintained intrusion prevention system is beyond the skill of most hackers – including experienced penetration testers.
However, installing an Intrusion Prevention system is not quite as simple as plugging it in and turning it on. Poorly configured Intrusion Prevention systems can cause slow network access, stop legitimate traffic and create endless alarms.
With over a decade of experience performing legal intrusions (penetration testing) and building and tuning intrusion prevention systems, GWC can offer your organization a very effective defence that requires minimum maintenance, while providing you reports that show where the threats are coming from, and what they’re trying to get to. This can provide you strategic information to better secure your network in the long run.