"A penetration test, occasionally pentest, is a method of evaluating computer and network security by simulating an attack on a computer system or network from external and internal threats. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities"
Within penetration testing we offer the following services:
Application Pentest (white-box, grey-box and black box)
A web application security review identifies vulnerabilities inherent in the code of a web application itself, regardless of the technology in which it is implemented, or the security of the web server or back end database on which it is built. Specifically, it analyses the critical components of a web-based portal, e-commerce application, or web services platform. Using our detailed methodology, and a combination of manual techniques and proprietary and commercial tools, this type of assessment pinpoints specific vulnerabilities and identifies underlying problems in the web application.
External Infrastructure Pentest
Externally facing systems are constantly at risk of attack from the Internet. Newly developed applications, web sites and servers to be deployed should all be tested prior to making them publicly accessible to ensure the security of the network as a whole. With our years of experience in carrying out penetration tests against externally facing network devices, servers and web applications developed on all platforms we can assure you of a high level of security after a review has been completed.