Penetration Testing Services
We offer a range of technical security assessment and penetration testing services to identify all areas of vulnerability and help you to mitigate the threat of unauthorized access.
Our services cover a wide range of testing disciplines, including:
Infrastructure Testing: We understand the importance of a secure infrastructure, and know that your business depends on it. Our expert penetration testing specialists examine the current state of your infrastructure to assess the resilience of your security controls, and to identify all the ways that an attacker might use to gain unauthorized access. Our reports detail the security vulnerabilities within your infrastructure that could potentially be exploited in an attack. They also recommend the best methods to secure the environment based on your unique internal business requirements and industry best practices.
Application Security Testing: Whether your custom applications have been developed in-house or commissioned through a third-party agency, time constraints and a lack of awareness around security best practice can often result in an application that puts the integrity and confidentiality of your corporate information and systems at risk of compromise. We provide a thorough security analysis of your custom application deployment. Our penetration testing specialists will examine and assess all the key components of your application and supporting infrastructure. Attention is also focused on how your application components are deployed and communicate with both the user and server environments.
Social Engineering: Our social engineering services are designed to highlight gaps in your internal security awareness. We assess the ‘human element’ associated with risk and how threats such as unauthorized physical entry into buildings, impersonation and deception can be addressed. The first and most rehearsed aspect of social engineering is information gathering; this provides us with information with which to convince your unsuspecting employees into believing or even assisting with the attack. We use different resources to gather information: corporate website, public search databases, jobsites, dumpster diving, public venues and physical access. Then, depending on your test objectives, we will use a range of techniques including persuasion and reverse social engineering. Once we have gained entry onsite we are free to operate as you require us to. The final deliverable is a detailed report about the policies that were tested, and the results of each attempt.
Wireless Security Testing: The growth in wireless technologies, has fueled an increase in attacks on the corporate Infrastructure; malicious Intruders continually probe the network for weak security controls, misconfigurations and vulnerabilities. Having extensive experience in wireless security testing, we can help you identify access points and rogue devices, analyse your security configurations, test for vulnerabilities, and implement appropriate security policies to mitigate the risks associated with an attack. Our wireless security tests focus upon attempting to recreate the steps used by attackers to subvert wireless technologies. Our testing specialists perform reviews of device configurations, client patch levels, architecture hardening and wireless security policies.
Mobile Security Testing: Mobile devices are all attractive targets for malicious attackers. Having access to your corporate network via email, VPNs, and other remote access methods, a successful compromise can result in access to customer details, credit card and other sensitive data. Our mobile security testing services have been specifically designed to identify configuration and deployment flaws associated with integrating mobile solutions into a corporate environment, and provide detailed remediation advice.