Mitnick Security Consulting, LLC

Services

View this document in PDF format
Internet Security Testing
Any device with access to the Internet is a potential open door to would-be hackers. Mitnick Security Consulting provides vulnerability assessments during which it closely maps the network architecture, examines all open ports, hosts and services with access to the Web, and ensures that these network devices are secure. Mitnick Security Consulting gathers information such as domain names, IP network ranges, operating system and applications, to identify systems on the network, how they are related, the services that are exposed through open ports (such as http, SMTP, terminal services, etc.). Once open ports and attached services are identified, Mitnick Security Consulting determines whether each service has been updated with the most recent patches and identifies other vulnerabilities located within the exposed services.

In addition to conducting vulnerability assessments, Mitnick Security Consulting performs more rigorous penetration tests in which the information gathered from its assessment is used to attempt to penetrate the network. This more thorough procedure can confirm whether potential vulnerabilities are, in fact, capable of being exploited to expose the network.

Following all vulnerability assessments and penetration tests, Mitnick Security Consulting uses the information it gathers to prepare a thorough vulnerability analysis and offers recommendations for strengthening network security.

Intranet Security Testing
While outside threats must be guarded against, business must also protect against potential threats from within their own networks. Using many of the same techniques and procedures for Internet Security Testing, Mitnick Security Consulting provides Intranet risk assessment and analysis to protect against the potential threat posed by insiders.

Depending on the client’s needs, intranet testing can be performed by Mitnick Security Consulting under varying degrees of disclosure of network information from the client, for example with or without network accounts.

Dial-in RAS Security Testing
Dial-in links pose a potential threat to the integrity of the network security system. Mitnick Security Consulting examines dial-up connections that allow employees to access the network through public telephone lines or other dial-up connections. Given a range of telephone exchanges that may include modems, Mitnick Security Consulting can identify target numbers that allow for remote access. Using these numbers, Mitnick Security Consulting attempts to exploit vulnerabilities in the system and gain access to the network. Mitnick Security Consulting can also assess risks posed by the exposure of dial-up connections to the public telephone network which might undermine the client’s own internal security architecture.

Web Application Assessment
This assessment examines what services are being offered on Web-based portals and e-commerce applications to examine potential vulnerabilities with respect to authentication, authorization, data integrity, data confidentiality, and consumer privacy concerns. Mitnick Security Consulting can test these applications using either zero-knowledge testing or full-access testing to examine the full range of potential vulnerabilities. Mitnick Security Consulting also conducts source code audits to identify any potential vulnerability among the applications and scripts that are accessible through the Web.

Wireless Assessment
Wireless networks, while highly convenient, present additional security threats since the wireless signals are not limited by the physical boundaries of a traditional network. Mitnick Security Consulting evaluates how to prevent wireless communications from being exposed to eavesdropping and access by unauthorized intruders. Additionally, Mitnick Security Consulting examines the enterprise infrastructure for unencrypted or standard WEP enabled access points that may be vulnerable in order to ensure the security of the network.

Social Engineering Assessments
Social engineering involves manipulating and/or deceiving company employees and other human resources to gain unauthorized access to a network or to confidential information. Mitnick Security Consulting is the premier consulting firm in its ability to identify weak links in the security chain through exploitation of human vulnerabilities.

Mitnick Security Consulting’s principal, Kevin Mitnick, is widely recognized in the industry as the foremost authority on the topic of social engineering. His book The Art of Deception: Controlling the Human Element of Security offers an authoritative examination of potential threats posed by social engineering attacks. Mitnick Security Consulting leverages its unparalleled expertise in this field to expose what is often the weakest link in the information security apparatus: the human element.

Once individual or systemic weaknesses are identified, Mitnick Security Consulting recommends procedures designed to ensure that employees do not divulge information that could compromise company assets. The social engineering assessment not only uses tactics intended to gain confidential information, but also to induce unsuspecting employees to create vulnerabilities that can subsequently be exploited to gain access to confidential information.

Telecommunications Assessment
Mitnick Security Consulting has unique experience testing vulnerabilities in private bank exchanges that operate company voicemail and messaging systems. Unauthorized access to these systems can allow an intruder to eavesdrop on and manipulate employee voicemail messages, initiate outgoing calls from internal company lines, and access corporate telephone networks and directories.

Database Assessment
Client lists, credit card records, and other confidential information held in databases must be given particular protection from unauthorized disclosure. Mitnick Security Consulting tests database integrity to determine whether any vulnerability may compromise this sensitive information.

Physical Security Testing
Access to confidential information can often be obtained by simply gaining physical access to company premises. Mitnick Security Consulting conducts on-site surveillance to assess physical security and uses social engineering, pass key duplication, and other techniques designed to gain physical entry into secure areas and the network system.

Forensics
In addition to preventing future attacks, Mitnick Security Consulting can conduct forensic analysis to evaluate past security breaches. This analysis examines log reports, compares backups to identify modifications to the network, and investigates the introduction of foreign software tools to help identify intruders, determine the extent to which the network has been compromised, and mitigate potential damages from the intrusion.

Training
Mitnick Security Consulting provides training seminars to IT professionals and employees with access to sensitive information to better educate them about the risks of social engineering and how to prevent themselves from falling prey to ruses posed by competitors or malicious intruders. These seminars are dedicated to preventing human error from undermining an otherwise robust information security infrastructure.

Connect


Speaking Schedule
Kevin will be in the following cities and countries:
04/28-04/29 Madrid, Spain
05/20-05/21 Stockholm, Sweden
06/03-06/04 Texas, USA
06/18-06/19 Amsterdam, Netherlands


Get Kevin's Business Card

Watch Barry pick a lock using Kevin's business card

Send your IP address and password (just kidding) to:
Mitnick Security Consulting, LLC
9484 S. Eastern Ave
Suite 100
Las Vegas, NV 89123
USA

Please enclose $5 cash (no other form of payment is accepted) plus a self-addressed stamped envelope, otherwise you can attend one of my speaking engagements to obtain a free lock-pick business card.

Please note, if the correct payment and the SASE are not enclosed, we will cancel the order and absolutely nothing will be returned to you. Accordingly, please correctly order one or more of my business cards by properly following the above instructions.

If you are located outside the USA, please include a prepaid self-addressed envelope (you can use FedEx, DHL, or UPS) and enclose either 5 dollars, Euros, or GBP, cash only, for each card.

We don't accept any other currencies.

Radio & TV Appearances

Recent Press Coverage

No Technology Completely Secure
Mar 21, 2014 - Raconteur

World's greatest hacker calls Healthcare.gov security 'shameful'
Jan 16, 2014 - Fox News

Watch Kevin Mitnick Explaining How He Used to Troll the FBI
Nov 20, 2013 - Softpedia

Kevin Mitnick Q&A
Oct 22, 2013 - Reaktor Q&A

Kevin Mitnick: 'The only thing McAfee is good at is making videos'
Oct 16, 2013 - Computing

Kevin Mitnick opens IP EXPO 2013: "Anti-virus software isn't going to save you"
Oct 16, 2013 - ITProPortal

Hacker Kevin Mitnick Slams Anti-Virus at IT Expo
Oct 16, 2013 - CBR

Kevin Mitnick - The Word Document Exploit
Sep 24, 2013 Use VPN! Former 'Most Wanted Hacker' Mitnick talks Snowden, NSA, and privacy
Sep 12, 2013 - RT.com

Former hacker and renowned security expert Kevin Mitnick to open IP EXPO
Sept 11, 2013 - ITProPortal

Kevin Mitnick Details Modern IT Threats
Aug 29, 2013 - eWeek

A master hacker's take on hacktivism today
Aug 29, 2013 - Al Jazeera

Guests: Kevin Mitnick
July 25, 2013 - Coast to Coast

Renowned ex-hacker Kevin Mitnick and top experts highlight cyber threats and countermeasures at Gulf Information Security Expo and Conference
Jun 4, 2013 - Zawya

Kevin Mitnick
May 25, 2013 - Rose State College

Notorious hacker Kevin Mitnick now helping keep elections secure
Feb 17, 2013 - NDTV Gadgets

Meeting Kevin Mitnick Thanks to ISSA PR
Feb 4, 2013 - Raul Colon

Former Hacker Reveals How Business Owners Should Protect Their Web Sites
Sep 6, 2012 - Business Insider

nCircle Announces Kevin Mitnick as Featured Keynote Speaker at World Wide User Group
Sep 5, 2012 - Herald Online

How the pros thwart computer spies with James Bond tricks
Sep 4, 2012 - CNET

KnowBe4 and ITIC study: Security lacks for 'own devices'
Sep 4, 2012 - Tampa Bay Business Journal

KnowBe4 and ITIC Latest Study Reveal Companies Lack Security for "BYOD"
Sep 04, 2012 - PR Web

KnowBe4 Supports FBI Tips Against RNC Cybercrime
Aug 23 2012 - Melodika

Book review: Ghost in the Wires
Jan 1, 2012 - ZDNet UK

Security tips from a legendary hacker
Dec. 19, 2011 - CBS News

23 Questions with Kevin Mitnick
Dec. 13, 2011 - Hak5

CNET 100: The celebrity entourage: Kevin Mitnick
Dec. 12, 2011 - CNET.com

John J Nazarian's Guest Tonight is Famed Computer Hacker Kevin Mitnick
Dec. 11, 2011 - Straight Talk with John J Nazarian

Kevin Mitnick talks social engineering and his new book
Dec. 8, 2011 - Tekzilla

Book Review: Ghost in the Wires
Dec. 7, 2011 - Hacked Existence

Book Review: Ghost in the Wires by Kevin Mitnick
Dec. 7, 2011 - The Crisan Chronicles

Tech Books of Note
Nov. 30, 2011 - Bloomberg

Kevin Mitnick Talks Celebrity Hacking, Common Mistakes, and Tips for the Average Joe
Nov. 26, 2011 - International Business Times

Book Review: Ghost In The Wires
Nov. 13, 2011 - SecurityTube

Kevin Mitnick spills the beans on his exploits
Sept. 7, 2011 - Willamette Live

Mitnick's Tale Sheds Light on Social Tactics
Sept. 6, 2011 - Dark Reading

Inside the world of computer hacking
August 31, 2011 - CNN

10 Questions for Kevin Mitnick
August 29, 2011 - Time Magazine

Triangulation Episode 21: Kevin Mitnick
August 24 2011 - TWiT

Reuters Shows How To Hack Phones 'Like A News Of The World Reporter'
August 29, 2011 - Huffington Post

How to hack like a News of the World reporter
August 29, 2011 - Reuters Video

Confessions of a hacker
August 22, 2011 - American Public Media

Hacker filled the tank with nerve, took FBI on wild ride
August 20, 2011 - Winnipeg Free Press

Kevin Mitnick loved the cyberspace break-in game
August 20, 2011 - Salon

Master Hacker Kevin Mitnick Shares His 'Addiction'
August 21, 2011 - NPR

TNW Sessions ft. Kevin Mitnick—The world's most wanted hacker
August 19, 2011 - TNW

The Godfather of Hacking
August 19, 2011 - The Daily Beast

Mitnick's "Ghost in the Wires" Will Hack Your Mind With Real Life Adventures in Hacking
August 16, 2011 - Stay N' Alive

Ghost in the Wires takes a fascinating look at the high-stakes art of computer hacking through the eyes of a man who perfected it.
August 15, 2011 - American Way Magazine

Kevin Mitnick with Stephen Colbert
August 18, 2011 - The Colbert Report

Kevin Mitnick, Former Fugitive Hacker, Laments How The Game Has Changed
August 16, 2011 - Huff Post Tech

Kevin Mitnick's book lands
August 15 2011 - LA Observed

A Hacker Tells All
August 12, 2011 - New York Times

Protecting Your Data From People Like Me
August 13, 2011 - Wall Street Journal

Book Excerpt: Ghost in the Wires — My Adventures as the World’s Most Wanted Hacker
August 16, 2011 - Wired's Threat Level

Hacking the system, because he could
August 16, 2011 - New Scientist's CultureLab

Review of Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
July 20, 2011 - Technorati

Hackers often fool people, not technology, to get data
July 28, 2011 - Mercury News

Early Review of Ghost in the Wires
April 30, 2011 - TaoSecurity

THN Review : Ghost in the Wires - Kevin Mitnick
July 2011 - The Hacker News

GHOST IN THE WIRES: My Adventures as the World's most Wanted Hacker
July 1, 2011 - Kirkus Reviews

A review of Ghost in the Wires: My Adventures as the World's Most Wanted Hacker by Kevin Mitnick
July 23, 2011 - The Nerdy Teacher

Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
July 20, 2011 - RSA Conference

The Client Reviews Ghost In The Wires
June 15, 2011 - Zqueakz

Hackers trick public over rapper Tupac Shakur's death
May 31, 2011 - BBC News

Ghost in the Wires
May 19, 2011 - Bobarno.com

Anybody can be a hacker, for a price
January 26, 2011 - CNN Video

For Kevin Mitnick, staying legal is job No. 1
Aug 5, 2010 - CNET News

The people involved in sale of lost iPhone revealed
Apr 29, 2010 - CNET News

Mitigating the social engineering threat
Apr 21, 2010 - TechRepublic

Ataques más comunes en Internet
Mar 18, 2010 - Euskadinnova.net

Kevin Mitnick to keynote World Game Protection Conference
Feb 16, 2010 - SecurityInfoWatch.com

Smoking the Competition: Creative business cards are the ones people remember
Feb 2010 - Entrepreneur Magazine

Hackers for Hire
Feb 2, 2010 - Fox News

read more >>


Documents & Files