Many organizations which believe that menu-based security is sufficient to protect their IBM i data scoff at the idea that their information is vulnerable. So why not prove it?
Penetration Testing for IBM i will provide you with the proof that users can access information from outside of your application menus … or they can’t. Or perhaps you haven’t made this assertion but it’s coming from your application vendor. Yet you’ve seen presentations and read articles that make you uncomfortable and you’re wondering whether the assertion that menu-based security is sufficient to protect your organization’s data is true. Why not get evidence – one way or the other?
DXR Security’s Penetration Testing for IBM i can give you peace of mind and help you determine whether your menu-based security is sufficient to protect your organization’s data. We do that by performing “gray box” pen testing. In other words, we use information about security-relevant system values as well as the authority settings of application libraries and database files together with user profiles that represent a cross-section of roles (end-users, operators and programmers, for example). With this information, we’ll attempt to gain access to and perform tasks on your IBM i. Penetration Testing for IBM i is a great add-on to network penetration tests which identify open ports and unsecure protocols. DXR Security takes penetration testing to the next level by attempting to run various tasks directly on the system with the intent of accessing application data (without going through a menu.) Once testing is complete, we’ll provide an easy-to-read report describing the results and provide specific recommendations for hardening security, should any vulnerabilities be identified.
The greatest benefit from DXR Security’s Penetration Testing for IBM i is the proof of whether or not your IBM i security configuration is working as expected. Use this proof as peace of mind that your menu-based security is sufficient or to develop actions to make changes.
Contact DXR Security today to see how pen testing can give you proof your security is working. Or visit https://www.dxrsecurity.com/.
MC Press Online