Penetration Testing

As part of our Cyber Security work with clients we can provide a Penetration Testing service, this can form part of the overall Modernisation Strategy of your Cyber Security processes or utilised as a standalone service to test the robust of your existing infrastructure.

Our Penetration Testing service helps identify security issues, verifies the security issue exists, then provides a roadmap to fix the discovered security issues.

Project Scope

We work with our clients to identify what the goals are for the penetration test.

Online Engineering

We investigate a companies online presence to identify useful information, this involves collating information from publicly available sources.

Vulnerability Scanning

We analyse potential entry points to the network, host, or application and assess vulnerabilities for the next stage.

Penetration Testing

We analyse potential entry points to the network, host, or application and assess vulnerabilities for the next stage.

Previously identified vulnerabilities are researched.

Discovered vulnerabilities are tested to confirm status.

Passwords are tested to ensure minimum complexity requirements are in place.

Control

Privilege escalation is used to gain access to a higher level account and potentially take control of the machine.

We do this because often when a machine is breached its from a user account that typically only has access to a limited amount of data or system commands.

Advancement

We test for pivot points. A machine that could be compromised from a phishing email or external machine that could be used to route traffic through to other machines on a network.

Reporting

We produce a severity ordered report which covers all of the discovered security findings, evidence, steps to reproduce the issue, and remedial work that needs to be undertaken.

keyboard_arrow_up