The test involves checking the quality of the e-mail server security measures in use and verifying the compliance of the server configuration with good IT security practices.
Scope of work:
- Verifying the correctness of DNS records
- Verifying open relay and an attempt to impersonate the server user
- Anti-virus and anti-spam system control
- Checking whether the server address appears on publicly available blacklists
- Attempting to enumerate and break the security of user accounts
- An external penetration test of one IP address
- Verifying the SSL/TLS security level for data transmitted over SMTP(S), IMAP(S), POP3(S) and HTTP(S) protocols
- Checking threats to the availability, confidentiality and integrity of processed information
Execution method:
- An external test of one IP address / one web application
- A short summary report in Polish, with attachments containing the results of work of applied tools in English
Benefits:
- Reliable and objective information on the current security status of the company’s e-mail server
- A ready set of recommendations for eliminating threats together with a recommendation for implementation
- Effective spending of budgetary funds by directing investments to areas that really require improvement and reducing security management costs through effective, proactive identification and assessment of threats
- Enhancing the accuracy of business decisions through a precise understanding of the organization’s security status
- Minimizing the risk of reputational damage caused by information leaks and potential legal consequences
Additional information:
- The actions carried out will be documented together with a recommendation of the required actions