A backbone router, a database, a high-end server, proprietary control software, any one of those products could be a mission-critical element of your information infrastructure. Frequently, great pains are taken to verify that mission-critical systems perform their primary functions correctly. However, every mission-critical piece of equipment or software has a secondary function that is frequently overlooked. That function is to operate securely.
Prometheus Global recognizes that many companies deploy systems that have undergone little or no security testing. As a result, using tools easily found on the Internet, a potential attacker has a good chance of being able to make headlines by successfully attacking the computers of Fortune 100 companies. Therefore, PPrometheus Global developed the Product Security Posture Assessment (PSPA) service. A PSPA can be performed on any piece of hardware or software to determine what vulnerabilities exist in that item. The PSPA service is recommended not only to organizations that deploy equipment or software, but also to equipment manufacturers and software developers. Prometheus Global has extensive experience testing products for not only some of the largest equipment and software vendors in the world but also some of their largest customers.
By its nature, each PSPA is unique. Factors affecting how a PSPA is performed include the size of the item being tested, the function of the item being tested, and the degree to which Prometheus Global has access to internals (e.g., source code). After a PSPA is performed, Prometheus Global will deliver a report detailing the vulnerabilities found and the techniques used to find them. Further, engineers from Prometheus Global will meet with representatives of your organization to present and discuss the findings and, where possible, to fix those problems.