Security Assessment | Monitoring. Mitigation | Professional Services | Security Team as a Service

 

Penetration testing

Identify security weaknesses before hackers do

 

The benefits for your organisation:

__ Identification of vulnerabilities and risks in your web/mobile applications and networking infrastructure

__ Detailed remediation steps to detect existing flaws and prevent future attacks Validation of the effectiveness of current security safeguards

 

Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. The main objective of penetration testing is to identify security weaknesses.

Penetration testing can also be used to test an organization's security policy, its adherence to compliance requirements, its employees' security awareness and the organization's ability to identify and respond to security incidents.

Organizations should perform pen testing regularly -- ideally, once a year -- to ensure more consistent network security and IT management.

 

Targeted testing

is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights turned on" approach because everyone can see the test being carried out.

External testing

targets a company's externally visible servers or devices including domain name servers, email servers, web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access.

Blind testing

simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team performing the test beforehand. Typically, the pen testers may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive.

Detailed reports

You get a detailed report with C-level overview and detailed information for scanned assets, used scan methods, tests results and remediation recommendations.