Penetration testing

Protecting your business by assessing its technical and organisational defences.

"Hacking" is no longer only a concern of high-value, high-stakes businesses. It is a serious everyday threat for organisations of every type and size that rely on IT to facilitate their business. Reliable security depends on understanding the exposure, weaknesses and threats that could lead to a breach in the defences, which could be exploited to access or damage information systems and data.

How we can help

Our experienced ethical hacking experts provide customised solutions based on your needs to help you:

Through various types of assessments

External penetration test
  • Identifies AND confirms external vulnerabilities
  • Simulates an actual external hacker attempting to breach your security infrastructure.
Internal penetration test
  • Identifies AND confirms internal vulnerabilities;
  • Simulates malicious internal users or contractors hacking your network.
Web application penetration test
  • Identifies AND confirms vulnerabilities existing within the Web applications;
  • Simulates a hacker attempting to steal information from your website.
Wireless assessment
  • Identifies potential rogue or weak access points;
  • Simulates a hacker attempting to gain access to your network through a wireless connection.
Vulnerability assessment
  • Identifies potential vulnerabilities, but does not confirm if they actually exist.
Phone
  • Identifies potentially vulnerable devices reachable via phone (modems) which could allow an intruder to bypass your firewalls and access your LAN;
  • Identifies any weaknesses in yourphone network (PABX, VMB, etc.).

Simulating various types of current attacks from the outside

Hackers Hack computers primarily for the challenge and status of obtaining access.
Spies Hack computers primarily for information which can be used for political gain.
Terrorists Hack computers primarily to cause fear, which will help achieve political leverage.
Corporate raiders Employees of one company hack the computers of competitors for financial gain.
Professional criminals Hack computers for personal financial gain.
Vandals Hack computers primarily to cause damage.

Mixing multiple attack types

Denial of Service Stopping legitimate services offered by a system through exhausting its available resources with illegitimate requests.
Defacement / Vandalism A malicious change to a public service for kudos. Can result in serious legal and/or PR damage.
Eavesdropping Listening to or intercepting sensitive information between two or more points.
Social Engineering An attack designed to gain sensitive information inadvertently disclosed via the human element.
Indirect Attacks An attack by a malicious threat via a medium such as the internet, a modem or an other network.
Direct access attacks A direct attack on the system by a malicious threat with physical proximity.
Malware Malicious code such as Virus, Worm or Trojan Horse designed to perform a malicious action or assist in another attack type.