A detailed report, containing the identified vulnerabilities, recommendations for elimination, examples of attacks and descriptions of possible penetration scenarios, will be provided based on the penetration testing results.
Penetration testing is no longer an exotic activity, but a required reality from the point of view of classical IS provision
and according to various regulators’ requirements. Penetration testing services are based on OSSTMM (The Open Source Security Testing Methodology Manual), PTES (The penetration testing execution standard) methodologies.
There are three basic operation methods:
Classic external and internal black box penetration testing is the base to start with.
Our company has got a large background in penetration testing. Highly qualified specialists use the world’s best practices, methods and tools.
The current testing type emulates the external attacker’s actions, who does not have logical access to your systems.
- Find out the way your systems, accessible from external networks, are protected from intruders.
- Reveal vulnerable software.
- Identify your services configuration issues.
The internal penetration testing capabilities are much broader, since here it’s possible to simulate visitors’, disloyal employees’ and contractor companies specialists’ malicious actions, visually assessing the possible consequences of such ones. The specialist connects to your internal network and valid ip-address is all he needs to work.
- Try to get extended the access rights to both information systems and confidential data.
- Identify most of the vulnerabilities in your defenses.