Netragard’s security certification program enables businesses to demonstrate the security of their networks to their customers in a meaningful and contextual way. Customers who receive the Netragarded seal undergo intense manual testing and are only certified if no vulnerabilities are identified during the final round of testing. Moreover, the associated penetration testing reports provide threat context to help understand if the level of threat produced during a test was greater than or less than realistic. This context enables customers to clearly and honestly demonstrate their real and actual security posture.[/vc_column_text][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/3″][vc_column_text]
Customers that are certified with a Silver seal have undergone industry standard penetration testing services. These services include but are not limited to vulnerability scanning, manual verification of the scan results, exploitation of vulnerabilities when possible, and web application testing when applicable.
Limitations: The Silver level of service does not include Real Time Dynamic Testing or Threat Augmentation Modules such as Social Engineering, Covert Testing, RADON (used for phishing), the use of chameleon infrastructures, etc. [/vc_column_text][/vc_column][vc_column width=”1/3″][vc_column_text]
Customers that are certified with a Gold seal have undergone rigorous manual testing using a methodology called Real Time Dynamic Testing. This methodology is derived from Netragard’s own zeroday vulnerability research and exploit development practices. With this methodology Netragard is able to identify vulnerabilities that are missed by industry standard penetration testing methodologies but may be identified by talented malicious hackers. The security of any Gold certified customer is sufficiently robust to protect the Confidentiality, Integrity and Availability of the data contained within the in-scope targets.
Limitations: The Gold level of service does not include Threat Augmentation Modules such as Social Engineering, Covert Testing, RADON (used for phishing), the use of chameleon infrastructures, etc. [/vc_column_text][/vc_column][vc_column width=”1/3″][vc_column_text]
Customers that are certified with a Platinum seal have undergone a realistic threat penetration testing. A realistic threat penetration test is one that operates at a level of threat that is slightly greater than that which is likely to be faced in the wild. This level of testing utilizes Real Time Dynamic Testing as well as any required Threat Augmentation Modules. Netragard’s Platinum level penetration testing services maintain a 98.6% success rate at total infrastructure compromise from the vantage point of an undetected and unauthenticated Internet based threat. This service is highly customizable and provides coverage for Social, Physical, and Technical vectors when needed.
If Netragard tests a customer using its unrestricted methodology and fails to breach the customer network then the entire engagement and report are delivered free of charge. If Netragard successfully breaches the network then the customer must pay the full cost of service. To date a select few customers have accepted the challenge and none have succeeded. Netragard maintains a zero fail rate at breach with its unrestricted methodology.