February 15, 2016

Penetration Testing

Find your vulnerabilities before someone else does

Penetration testing, or ethical hacking, is a proactive method of finding security vulnerabilities in a system or application before an attacker does.

We offer a broad range of penetration testing services that can be tailored to suit your security needs. We pride ourselves in making penetration testing as simple as possible to help fulfil your security and compliance requirements.

Our Security Testing Approach

Our security testing approach is based on good practice standards such as the Open Source Security Testing Methodology Manual (OSSTMM) and Open Web Application Security Project (OWASP).

Vulnerability Assessment

Our vulnerability assessment service uses automated tools and manual inspection to identify vulnerabilities in your IT infrastructure. This service will focus mainly on infrastructure vulnerabilities, but can also identify certain web application vulnerabilities.

We can perform vulnerability testing on your internet facing infrastructure and/or internal IT systems. External testing can be performed remotely from our premises. For internal testing our consultant will visit your site to undertake the assessment.

Cyber Essentials Plus

Cyber Essentials Plus requires an external vulnerability scan, configuration audits of internet facing infrastructure and malware susceptibility testing. Our team is certified by IASME and CESG to perform testing in support of your Cyber Essentials Plus certification.

PCI ASV Readiness Scans

If you are preparing to commence formal PCI ASV scanning of your externally facing network, we provide a pre-assessment to help you proactively address issues that may prevent you from passing your ASV scan. Our team perform scans in accordance with the PCI ASV Scanning Procedure Standard to get you ready for successful certification.

Patch Audits

One of the most challenging tasks for any IT department is keeping the IT infrastructure up to date with software patches and updates. Out-of-date and unsupported software present a serious security risk for your business. We perform detailed patch audits on your systems and develop targeted remediation plans that will help you stay in control.

Firewall Audits

A Firewall Audit involves reviewing the firewall rule-base and can also examine the configuration of the firewall. Where possible, our consultants will liaise with the relevant firewall stakeholders to understand the business rules and network flows in order to identify which rules pose a security risk and which ones can be improved or removed.