Penetration Testing
Overview
An ethical hacking (white-hat) exercise is a simulation of real life attack scenarios against a single or multiple systems. This type of exercise enable institutions to identify both detection and prevention control weaknesses in their information security systems. A controlled penetration test exercise also gives an institution an opportunity to analyze and refine their real-time and event-drive attack detection capabilities in the confines of a safe attack scenario. Our penetration tests are an excellent opportunity to have independent challenge and evaluation of your incident detection, monitoring and prevention capability (IDS/IPS and Incident Response Team). The results of our penetration test are often helpful in confirming or denying specific assumptions that may be held by management in relation to the completeness and/or robustness of existing controls.
Our penetration test differs from a vulnerability assessment in the scope of potential weaknesses which may be discovered during the exercise. Our penetration test uses real-world scenarios to find the most rapid penetration vector to your sensitive data & systems, at a single point in time. The penetration test differs from the vulnerability assessment in that it only attempts to identify a successful breach vector. Conversely, the vulnerability assessment seeks to identify all potential vulnerability risks to your sensitive data and systems.
- Meet regulatory and business insurance requirements!
- Identify holes! - Avoid financial/reputation loss before breaches occur
- Firewall/IDS/IPS and Incident Response Team evaluation
- Incident & security risk management investment evaluation/justification
- External Penetration Testing (simulated real-world hacking)
- Onsite/Internal PenTesting (simulates attacks by LAN users/virus)
- Wireless Penetration Testing (simulates wireless access point hacking)