This defines the scope of the test and technical requirements, such as remote access methods, access credentials, API documentation, emergency contacts and scheduled test date.
Cyber security (penetration)
tests
The purpose of a cyber security (penetration) test is to evaluate systems security through simulating attacks.
Special types of penetration testing is also a part of the PCI DSS compliance assessment process. Unlike an automated vulnerability scan, a cyber security (penetration) test is performed by a person, interacting with target systems, evaluating responses and adjusting further actions accordingly. A penetration test involves not only networks, but custom applications as well – a target that is notoriously difficult to test via automated means.
Full scope cyber security testing options: external, web application, internal penetration tests, networks segmentation tests, firewall reviews and tests, wireless technology penetration tests, social engineering projects, mobile application tests, source code reviews.
How we
do it
How we
do it
This defines the scope of the test and technical requirements, such as remote access methods, access credentials, API documentation, emergency contacts and scheduled test date.
An actual cyber security (penetration) testing (internal and external) is performed on the agreed scope of the project. Methods, tools and flow of the test directly depend on the engagement type, scope and specific ICT infrastructure.
Additional testing of segmentation measures is undertaken to check whether network segmentation can be bypassed.
A proprietary penetration test report is prepared and issued. The main point of the report is to register identified issues, rank them by level of criticality and suggest mitigation actions and measures.
This is performed if critical issues (exploitable vulnerabilities) are identified and performed after the client fixes them. Most of the time – critical issues are access to sensitive data or remote code execution type vulnerabilities. The goal of the stage is to verify that critical issues have been mitigated.
Trusted by
98 %
Client retention rate
100 %
Clients pass the audit on the first attempt
>75 %
Long-term clients for more than seven years