Protecting Your System
Testing Your System
Penetration Testing mimics the actions of a real hacker attempting to gain access to your computer systems in a controlled manner. Penetration testing (pentesting) highlights which of your systems are effective in stopping hackers and which are not, providing detailed remediation advice on how to correct or mitigate the issues.
This information is critical for PCI Compliance, periodic security testing, change management and pre-purchase due diligence. Using sophisticated tools and extensive security experience, our consultants utilise brute force credential discovery, smart exploitation, password enumeration and Web application scanning as part of their testing.
A penetration test mimics the actions of an actual attacker, exploiting possible weaknesses in your network security, without the usual dangers. Reporting is provided at two levels:
Our security experts have decades of experience in IT systems and securing computing environments.
Our documented security testing programs can include:
Our security experts have performed thousands of Penetration Tests and Vulnerability Assessments. This is the process we follow when testing our systems.
We sit with you and discuss your needs, business objectives, review relevant documentation and prior test results. This provides you and our consultant a clear picture of the scope of the project, objectives, rules of engagement and any possible limitations.
Vulnerability Assessment is the first step in performing the Pentest. We also use targeted tools that look for particular parts of systems to aid in the assessment phase.
We perform a series of active and passive tests to produce a map of your system. The goal is to identify vulnerabilities by locating entry points into your system. With this we map out potential attack vectors.
Based on what we found in step two a series of tailored test cases and attack algorithms are developed. This stage is complex and time-consuming; however our experience enables fast identification of weak points and gaps.
A series of semi-automatic and manual tests are carried out on your system. The outcome of each test is validated and reviewed. Depending on the results test plans may be modified.
The vulnerabilities are examined and measured. Findings are then assigned a risk rating within the context of your environment.
A comprehensive report explaining the primary vulnerabilities and their possible impact is prepared. We then conduct a technical workshop laying out the vulnerabilities found and the remediation steps needed to secure the systems.