In performing penetration testing, we’ll assess your organisation’s security level, inform you about vulnerabilities, and provide you with recommendations for improving security.
Before testing, we’ll agree with you on its scope and we’ll establish rules of engagement and a testing plan.
We’ll peform penetration testing in several phases: first gathering public information about the object that’s being tested, and later identifying attack targets, security measures used to protect the targets, and vulnerabilities. If needed, after determining vulnerabilities we can model and launch test attacks in our lab. Following those tests and in coordination with you, we can undertake specific penetration actions. Thus we’ll foresee and help you avoid the risk of service disruption due to break-ins.
After the testing, we’ll inform you about the vulnerabilities found and recommend ways to eliminate them. We’ll also describe the penetration scenarios in great detail so you can repeat them on your own. We’ll present the results to your whole team, including both the managers and other professionals.
We have the expertise to perform penetration testing on software that’s been custom developed just for your organisation, where there’s no public information about vulnerabilities. We scan for vulnerabilities systematically, using methods that are recognised worldwide (such as OWASP).
Our professionals are certified by OSCP and/or OSCE as ethical hackers based on exams which required them to demonstrate their skills in detecting vulnerabilities and penetrating systems. Members of the team also hold LPT, CEH and ECSA ethical hacker certifications.