PENETRATION TESTING

Why do a Penetration Test?

• Improve your security
• Find out what you don’t know
• Validate your security position
• Ensure you are complying to policies and legal obligations

In the same way car manufacturers test the safety of cars through crash testing, organisations check the security of their IT systems by testing their resilience against an active attack. Penetration testing simulates such an attack, using the same tools and techniques used by criminals, malicious insiders and other attackers.

Unearth Your Real Security Issues

Not all penetration testing is equal. Our security consultants — who have more than 10 years experience in IT security — use a combination of manual and automated techniques to identify vulnerabilities. Once identified, the tester will attempt to exploit the vulnerabilities to see what additional access, information and privileges can be gained.

We don’t just give a best effort test or simply attempt to get in. We don’t just find an open door and then forget about the open windows. Instead, we work to find all vulnerabilities and provide a full audit for potential security issues.

Our aim is to unearth the root cause of a security issue. We work to fix the cause of the problem not just the symptoms.

This type of laser-like focus we give to penetration testing helps your organisation build a more resilient and impenetrable security posture.

 

Types of Penetration Testing  

We provide penetration testing on:  

• Internet facing systems: Penetration testing of all internet-facing servers and infrastructure.  
• Internal environment:Penetration testing of internal servers, user devices, network devices and associated infrastructure.  
• Wireless networks:Penetration testing of your organisation’s wireless networks; seeing whether they can be used to gain access to the internal network.  
• Web applications:In-depth penetration testing of a web application.  
• Mobile applications:In-depth penetration testing of a mobile application and its server-side infrastructure.  

The final result is a report detailing the security issues that affect your project, as well as recommendations on how to fix or mitigate these issues. The tester can also debrief you to provide context on vulnerabilities and to discuss ways to resolve your security weaknesses.