Penetration Testing

Penetration Testing assesses your computer systems, networks and applications for security vulnerabilities, so that they can be mitigated before criminals exploit them. Some of the different testing services we offer are detailed below.

Our penetration testers are Crest qualified and hold the following certifications:

  • CISSP – Certified Information Systems Security Professional
  • CREST CRT – Crest Registered Tester
  • CREST CPSA – Crest Practitioner Security Analyst

Testing can be performed one off, yearly or monthly.

Reports generated will provide remediation with assistance given to counter the vulnerabilities.

Penetration Testing Services

EXTERNAL NETWORK TESTING

External Network Testing aims to assess your external infrastructure. Tests are conducted against public facing IP addresses to find any exploitable vulnerabilities.

INTERNAL NETWORK TESTING

The focus of an internal security review is assessment is to assess your systems and search for any vulnerabilities present. We attempt to go from no access and escalate privilege as high as possible with an aim of getting domain admin rights.

REMOTE ACCESS TESTING

Remote Access Testing is the analysis of any Citrix environments and remote access software that is used to access internal devices and services.

BYOD TESTING

With employees working more from home it makes sense to test BYOD devices and check they are not vulnerable. We install an agent on the devices and this will scan for vulnerabilities and we then generate a report with remediation steps given.

SOCIAL ENGINEERING

Social Engineering is used to test your employees to ensure they are following proper practices on their security procedures. A training plan can then be implemented to ensure that your employees are cyber aware.

BESPOKE TESTING

We can provide a full bespoke testing solution to ensure you get exactly what you need to improve your security culture.

INTELLIGENCE GATHERING

Open source intelligence is a way of gathering data that is publicly available. Our team will find information on your company and employees before the criminals do and use it against you.

WIRELESS TESTING (Wi-Fi)

With employees working more from home it makes sense to test BYOD devices and check they are not vulnerable.

RED TEAMING

Red Teaming is a full-scope, multi-layered attack simulation designed to measure how well a company’s people and networks, applications and physical security controls can withstand an attack from a real-life adversary.

WEB APPLICATION TESTING

This service helps you identify and reduce the security holes that may be present in your website. We analyse your web applications to reveal any vulnerabilities that could be exploited by cyber criminals.

PSN TESTING

PSN Testing is the analysis of public sector networks to identify any weaknesses while making sure industry requirements are adhered to.

API TESTING

Application Programming Interface (API) Testing looks to identify any vulnerabilities within your custom API's to evaluate your security
Social media & sharing icons powered by UltimatelySocial