penetration testing

      PENETRATION TESTING

      Check the integrity of your network with Penetration Testing
      Cyber Security
      Cyber Security Solutions

      Penetration Testing For Your Organisation

      The world of work undergoes constant evolution. Organisations find their users have access to multiple systems from multiple devices. Some users may access through a VPN, on a personal laptop or on a phone. Organisations have had to cede a certain amount of control over how people interface with their systems. It is in this environment that cyber criminals can take advantage, and why you need to understand where the gaps are in your defences.

      Penetration testing allows you to get into the head of the enemy trying to gain access to your systems, from their first contact with an internet-connected device to the type of access they are, in theory, able to achieve.

      Penetration Test Quote

      Contact us to receive a quote for penetration testing for your organisation:
      penetration testing team

      Methods Of Penetration Testing

      The most common form of penetration testing that we provide is external testing. This looks at any parts of your company’s network with an IP address that is visible on the internet. This includes any web applications, company websites, email servers, legacy systems and domain name servers (DNS).

      Internal testing looks at any device or system, attached to your network, that are visible to someone already behind your firewall. This could be a rogue employee or somebody who has had their login credentials stolen due to a phishing attack. After all, nearly 90% of breaches come from user error. For this, we also offer phishing testing which, much like penetration testing, simulates an attack. By covering both of these bases, you’re ensuring the best of both worlds.

      Vulnerability Levels

      As part of the penetration test, we’ll assign a vulnerability level to each IP address tested. As part of the testing, not only would we identify and explain any vulnerabilities found, we would summarise what actions need to be taken to remedy the issue.

      Minimal

      Intruders can collect information about the host (for example open ports, services etc.)

      Medium

      Intruders can collect more sensitive information from the host such as what software versions are installed. Attackers can then exploit known vulnerabilities – demonstrating the importance of patching.

      Serious

      Intruders may be able to gain specific information about the host, including security settings. Potential violations include partial disclosure of file contents, access to certain files, directory browsing, denial of service attacks and unauthorized use of services, such as mail-relaying.

      Critical

      Intruders could possibly gain control of the host, with potential leakage of highly sensitive information. Vulnerabilities may include full read and write access to files and listing of users on the host.

      Urgent

      This is the highest category of vulnerability which means that an intruder could gain complete control of your host and with it compromise your entire network security. Attackers could read and write to files, execute remote commands and find any backdoors to your system.

      restore from backup

      The Threat Landscape

      Ransomware is on the rise, and other cyber-attacks are ever-growing in quantity and scope. However, even with the emergence of new ways to attack, criminals are still reverting to tried and tested ‘traditional’ methods, for example DDoS and phishing scams.

      With a penetration test, you can learn what devices are posing a threat. For example, a relic from a previous legacy setup, that remains visible to the internet, could be the way-in for an attacker.

      Penetration Testing should be considered as part of a package of cyber security methods, all working in concert to ensure your network security is operating at its peak performance.

      We recommend that all organisations have disaster recovery plans in place to ensure business continuity if they do fall victim to a cyber attack. The price paid in monetary and reputational cost to your organisation if a breach occurs can be extensive.

      penetration testing

      GET IN TOUCH

      Contact our cyber security experts today to arrange penetration testing for your network