Know your vulnerabilities by applying the offensive lens
Penetration testing is the act of simulating real-world cyber security threats in a safe, controlled environment.
Our Penetration Testing Service assesses people, infrastructure, networks, mobile and applications. We search for vulnerabilities and test your existing security controls.
We apply industry best practice with military precision using a highly-skilled security team.
This form of assessment is fundamental to a successful cyber security strategy.
We provide the evidence and foresight for you to make smart, effective decisions about the security of your business networks and information.
Our penetration testing services cover:
- Infrastructure security
- Application security
- Employee social engineering
- Wireless security
- Mobile security
Generally speaking, there are two main types of infrastructure security testing, internal or external.
This type of penetration test targets a business’ Internet facing servers and services. The objective of this test is to assess if an remote threat actor can breach the network defences and if so, what else can be discovered once in.
This form of testing aims to simulate an inside attack behind the firewall by an unauthorised or authorised user with standard access privileges. This kind of test is useful for estimating the risk associated with a threat actor who has breached or has access to the internal network.
Whereas an infrastructure penetration test encompasses an entire network, an application security test focuses only on evaluating the security of application operating on a network.
This process involves an analysis of the application for any vulnerabilities from the perspective of both an unauthenticated and authenticated user.
Wireless Penetration tests evaluate the risk related to potential access to the business’ wireless network.
As wireless access points provide a hassle-free way for users to access the network, it can also enable threat actors to do the same.
In performing a wireless penetration test, we simulate an attacker attempting to gain access to the internal networks via the wireless service.
Mobile applications have become the most popular platform for supporting businesses in recent years and as such the focus on rapid integration with existing network infrastructure has resulted in lower than desirable security implementations.
It is inevitable with the popularity of mobile platforms being utilised as the preferred interface for business operations that security breaches occurring through this medium are often friction-less for attackers.
Penetration testing mobile application prior to go-live attempts to highlight such risks.
Employee Social Engineering
Like technology focused penetration testing, social engineering aims to uncover vulnerabilities but rather than technology, the target is the people.
This form of testing focuses on vulnerabilities associated with the business’ information security policies and/or the staff’s adherence to the policies.