Wireless Security Testing
We offer full wireless security testing and configuration reviews of wireless networks, access points, controllers and devices. We can give you assurance that your wireless networks are aligned to the industry best security practices.
An incorrectly configured wireless network may be exposing your internal systems to unauthorised users outside of your premises. Additionally, guest wireless networks you may provide for visitors, may be incorrect configured, allowing access to internal networks or services which should only be accessed by employees.
Wireless testing assesses the configuration and deployment of wireless networks and devices to ensure that only the intended end users can use the network and associated services.
Testing uses a combination of wireless signal scanning of access points and the configuration reviews of wireless controllers to ensure the wireless networks are correctly configured, preventing the access of unauthorised users.
Wireless testing gives assurance on the security of your internal wireless networks, devices and users as below:
Access - Ensure your wireless network cannot be accessed or compromised from outside your premises
Separation - Ensure guest or public hotspot users cannot access non-intended internal networks
Configuration - Ensure your access points, controllers and devices are securely configured
Deployment - Ensure that only authorised access points are deployed and no rogue access points have been installed
We offer wireless security testing and assessments covering many areas, such as:
- Wireless controller build reviews
- Wireless access point build reviews
- Wireless scanning for rogue access points – e.g. have staff installed their own home routers to bypass security
- Vulnerability assessment of wireless networks
- Segregation testing of wireless networks
- Guest/Public WIFI hotspot testing
- Wireless signal leakage/strength testing
- Factory handheld wireless scanner reviews
- Wireless DECT phone handset testing and reviews
Armadillo Sec are a CREST certified testing body and we are accredited to operate as a CHECK service provider. All of our testers are certified by CREST and our senior consultants are certified by CREST to the highest CCT Level. Our testers are also CHECK Team Leaders (CTL’s) or CHECK Team Members (CTM’s) and are approved to conduct government CHECK testing.
Our team have many years experience conducting a broad range of government and commercial tests and always aim to go the extra mile for our customers.
Frequently Asked Questions
All our testers are certified by CREST and our senior consultants are certified by CREST to the highest CCT level.
|CREST Certifications||Certified Testers|
|Practitioner Security Analysts||Yes|
|Registered Penetration Testers||Yes|
|Certified Web Application Testers||Yes|
|Certified Infrastructure Testers||Yes|
|Certified Simulated Attack Specialist||Yes|
|Certified Simulated Attack Manager||Yes|
Our CREST member status can be viewed, along with the certified tester types we have on the below link:
Our testers are also CHECK Team Leaders (CTL's) or CHECK Team Members (CTM's) and are approved to conduct government CHECK testing.
|CHECK Status||Certified Testers|
|CHECK Team Member (CTM)||Yes|
|CHECK Team Leader (CTL) - Infrastructure||Yes|
|CHECK Team Leader (CTL) - Applications||Yes|
Our CHECK status can be viewed on the below link:
It is recommended that internal wireless testing should be conducted annually as cyber threats are constantly evolving.
If major changes are made to the wireless infrastructure, then it is recommended that additional testing is conducted. This ensures that any recent changes are not introducing new vulnerabilities into the environment.
Some certifications such as ISO 27001 or PCI DSS, require a certain frequency of testing to remain compliant.
Wireless testing is bespoke depending on the goal or outcome you wish to achieve, therefore there is not an off-the-shelf price for a wireless penetration test.
For each project we will technically scope your requirements and establish the time needed to complete the work. We will then provide a detailed proposal and breakdown of costs and options.
We supply a full penetration testing or vulnerability assessment report for infrastructure testing, which covers the following:
- Executive management summary - Non technical overview of issues for management board level
- Detailed technical findings - A complete list of all issues identified
- Affected hosts - A list of all affected wireless hosts/SSIDs/configuration settings
- Risk level - Impact, likelihood and overall risk ratings are listed for each issue
- Examples - Output or screenshots to demonstrate the issue
- Recommendations - Recommendations of how to remediate the issues, including any reference to documents that can assist
A sample report can be supplied upon request.
We have a full methodology for all testing services we provide, which is supplied with each project proposal. This outlines the testing steps and all the requirements in order to deliver the test.