A Penetration Test is a hacking simulation, imitating the hacker’s point of view. The goal of penetration testing is to detect the information security holes, examine information security level, provide focused recommendations to improve the information security level and to close the gaps.
Penetration tests are the medical tests for your business to eliminate the vulnerabilities before the hackers find them.
Penetration tests, unlike security assessments, are a form of the black box method, meaning they are conducted without any prior information about the tested system structure.
Why perform a penetration test?
- Find the information security holes before the hackers do
- Receive information security status report
- Find the way to prevent data breach from internal and external threats
- Check the current security controllers efficiency
- Check the employees’ awareness to intruders
- Regulation, risk and compliance: credit card holders, database with private user information, finance institutions, insurances companies, medical organizations, public companies and strategic facilities
- Proof of concept for the need of information security mechanism change in the organization / product
Types of penetration tests
External Penetration Tests
Imitate the hacker’s point of view from outside of the organization in order to examine the external interfaces, such as file sharing, email systems, remote access, wireless access points, mobile devices, company website, employees’ awareness, physical access and etc.
Internal Penetration Tests
Imitate the hacker’s point of view from inside the organization and deliberately aims to access information that is beyond his permissions (e.g. employees’ salaries or business data). Internal penetration tests also simulate an enployee, external visitor or contractor who aims to leak information by connecting to the infrastructure or workstations.
Complete Penetration Tests
Conduct both internal and external penetration tests, tailored and customized for our clients’ needs.