Penetration Testing:
Penetration Testing is a live test of the security defenses of a network. Our team of specialists adopts techniques and exploits that real-life hackers would use to simulate the results of an actual attack. The goal of penetration testing is to identify the exploits and vulnerabilities that exist within an organization's infrastructure and to confirm the effectiveness or ineffectiveness of the security measures that are currently in place.
A Penetration Test provides a detailed analysis of your network and associated systems from the perspective of a potential attacker. In addition to the above it assesses the security of your network for the thousands of known vulnerabilities and provides detailed reports of any that are found.
The testing is focused on the servers, infrastructure and the underlying software comprising the target. It may be performed with no prior knowledge of the site (black box) or with full disclosure of the topology and environment (white box).
This type of testing should typically involve a comprehensive analysis of publicly available information about the target, a network enumeration phase where target hosts are identified and analyzed and the behavior of security devices such as screening routers and firewalls are analyzed. Vulnerabilities within the target hosts should then be identified, verified and the implications assessed.
1.2 Internal Penetration Testing
Internal Penetration Testing uses a similar methodology to external testing, but provides a more complete view of the site security.
Testing typically uses a number of network access points, representing each logical and physical segment. For example, this could include tiers and DMZs (Demilitarized Zones – secure areas within a network) within the environment, corporate network or partner company connections.
Penetration Testing | Vulnerability Assessment | Security Architecture| Risk Management & Assurance Audit | Social Engineering | Training & Security Awareness
