Penetration Testing Services

To protect yourself from hackers, you need to think like one of them

IT security tests like penetration testing, require a specialized team to test the security of an IT infrastructure, taking an approach similar to that of cybercriminals.

Why simulate a cyber attack on your business networks?

The primary purpose is to identify the security breaches in the data network infrastructures and the level of risk to which your organization is exposed. After a thorough analysis of digital communications systems and networks, a plan to eliminate vulnerabilities will be generated based on the results obtained from the analyzes and penetration tests.

The three approaches by which our team will test the infrastructure of the data networks are:

 

  • Black Box – external network pentest

The external network penetration test identifies the vulnerabilities of the devices in the infrastructure, implicitly of the servers that can be accessed via the Internet, testing the security level of the routers, firewalls, IDS (Intrusion Detection Systems) and other devices, respectively software solutions meant to detect and to block computer attacks.

 

  • White Box – internal network pentest

The internal network penetration test establishes the network security level from the perspective of a computer attack caused by an internal user. A plausible situation would be one where an unsatisfied employee, an intruder who managed to gain physical access to the building and the internal data network, or an attacker who managed to exploit a breach in the wireless system would try to obtain confidential information or even endanger the business of your company. After a thorough analysis and study of the applicable scenarios, a plan will be drawn up to detect, prevent and, implicitly, combat such attacks.

 

  • Gray Box – a mix between the two.

 

REPORT

After making any type of audit, our team will generate a detailed report containing the following information:

  • The methodology used;
  • Information regarding the vulnerabilities discovered;
  • Information on the identified weaknesses;
  • Proposals to implement hardware or software solutions designed to eliminate vulnerabilities discovered, to prevent and, implicitly, to combat computer attacks by strengthening or eliminating weaknesses in your infrastructure, whether we refer to data or personnel infrastructures.