Penetration Testing

The best way to measure your current security level is studying how it can be hacked. As a Penetration testing company, we offer a safe way to test your business resilience to external or internal hacking attempts.

Our skilled, CREST certified, ethical hackers, are trained to identify any vulnerabilities and see how you fare against industry best practice.

Penetration tests are an important part of a full security audit. Our services cover all aspects of organisational security, such as your IT infrastructure, web applications, social engineering and Mobile Device Management.

crest-pen

What are the different types of Penetration Test we offer?

External

An external penetration test assesses the public facing infrastructure and the services hosted on them for vulnerabilities with the goal of compromising those systems or breaching the perimeter if the target uses a VPN service for remote employees.

Publicly available information relating to the target business/organization will be utilized to aid the penetration tester just as a real-life attacker would.

Internal

Internal penetration tests can be performed from two main perspectives.

The first is to simulate an attacker who has gained a foothold on your internal infrastructure by any means but does not have valid credentials for any service on the network (black box).

The second is to simulate an attacker who has managed to gain access to a workstation via any remote services or a successful phishing campaign and will start with valid credentials on the network (grey box).

The purpose of the penetration tester is to try to escalate privileges on the network and gain unauthorised access to services and systems with the aim to access potentially sensitive information.

Wireless

Wireless testing is designed to detect and exploit vulnerabilities in security controls used by wireless technologies and standards, targeting for example misconfigured wireless devices, and rogue access points.

Web Application

Web application penetration testing is the process of using penetration testing techniques on a web application to detect and attempt to exploit its vulnerabilities. The penetration tester simulates attacks such as using SQL injection tests.

It’s used on specific web applications that are exposed to either public facing or internal facing audiences where the data held in the web app is deemed to be sensitive and in need of protection.

Social Engineering

Penetration testing engagements can include social engineering where the tester will assume the role of a made-up entity to try and gain information or access to systems via a crafted email or phone call.

Social engineering will usually require a day of extra time to develop a pretext before sending any emails or calls. This is where information specifically relating to internal business relationships or employee details are used to create a convincing enough social engineering attack.

Red Teaming

Red Teaming is a full-scope, multi-layered attack simulation and has a wider scope than just technology, it also includes people, processes and physical security.

Examples include attempting to gain unauthorised access to premises and server rooms. Red Team assessments are more targeted than penetration testing, with the goal being to test the organisation’s detection and response capabilities

Penetration Testing Articles

Introducing SALUS

SALUS is our innovative portal which aims to transform the Penetration Testing scheduling and management process for larger organisations.

If you are an organisation that needs to conduct several large-scale Penetration Tests a year, and you are looking for a portal that provides you transparent pricing, quick turnarounds, FREE re-tests and live access to progression then look no further.

Easy Sign-Up and Onboarding

Secure by Design

Multiple types of Pen Test available

Simplified Scoping

Transparent Pricing

Live Access

Unlimited Re-Tests

Interested in having a Penetration Test?

Please enable JavaScript in your browser to complete this form.
Name
Email
Which Service(s) are you interested in?
You can select more than one option.
Scroll to Top