Penetration testing involves assessing your website/database/applications/servers/networks/wireless and identifying security vulnerabilities and demonstrating how they can be exploited, allowing us to help you fix these vulnerabilities.
The tests do not have to be technical, techniques such as social engineering (obtaining information through gaining trust) and physical security breaches also need to be considered.
Penetration testing should always be carried out before the deployment of new systems. As with the vulnerability assessments your organisation can have one off tests or agree to a number of tests per annum to be undertaken at your convenience.
All penetration testing and vulnerability assessments are undertaken within an agreed formal scope and no testing will be carried out without your express written permission. All testing activities are covered by our Professional Indemnity Insurance.
Business Benefits include:
- A clear view of the technical system risks in your organisation
- Detailed plans on how to mitigate or reduce the risk
- If integrated into the systems development/procurement lifecycle a level of assurance can be identified before systems are deployed
- Can assist as part of overall compliance programmes such as ISO/IEC 27001, PCI-DSS and Sarbanes Oxley