What is a Penetration Test?
A Penetration Test is an authorised ethical hacking exercise against an organisation’s infrastructure, applications and staff. The aim of the test is to improve security by discovering areas that are susceptible to compromise and reducing vulnerabilities.
Our Methodology
- Information gathering aka reconnaissance
- Identifying and prioritising vulnerabilities
- Exploiting vulnerabilities and determining risk
- Executive and technical level reporting with actionable remediation intelligence
Types of Penetration Testing
Our network testing covers your internal, external, wireless and cloud environment
Our application testing covers your web applications, API’s and mobile applications
We offer a range of social engineering techniques including, vishing, phishing and physical intrusion testing
Cover all bases and get a realistic assessment of your security posture. We will emulate a real world attack against your organisation by using all means necessary to achieve predefined goals.
Our Approach
Customer First
We understand your requirements and prioritise your goals. Our team will work hand in hand with you throughout the entire process so you get the most out of your testing exercise.
Testing Guidelines
Testing Standards
- The Open Web Application Security Project (OWASP)
- The National Institute of Standards and Technology (NIST)
- Source Security Testing Methodology Manual (OSSTMM)
- Penetration Testing and Execution Standard (PTES)
- Penetration Testing Framework
- Australian Government Security Policies and Guidelines
Comprehensive Results
At the end of the exercise, we will deliver a detailed executive and technical level report. The report will include all the findings of the testing and can be used for remediation of the findings as well as a high level reporting document for the executive team. We will also provide you with a certificate of completion.