Technical Security Testing
Testing and Assessing your organisations visible risks
The Infosec Advisory group have been involved with penetration testing for close to 20 years and the methodology has evolved with the team. We have a team of 3 Penetration testers.
(Needed?, one is CEH certified and two are presently candidates for the
advanced OSCP credential.)
Technical security testing includes a variety of techniques and specialised tools to identify attack vectors and vulnerabilities both external and internal to your organisation. This involves Vulnerability Scanning and Penetration Testing where our ethical hackers are able to simulate cyber-attacks using strategies and tools aiming to identify exploitable issues which could lead to impacts on the business and data breaches and report back to you with recommendations to improve your controls.
On the premise of requesting Red Teaming as a service, we will discuss and plan how best to achieve your goals as part of our service.
Our assessments aim is to determine critical risks and exploits by:
• Scanning for vulnerabilities across platform of the given infrastructure.
• Performing injection techniques to determine if any code can be manipulated on the web applications.
• Determining versioning of various technologies used on the platform.
• Running tests on the user accounts and determining if any accounts can be compromised.
• Identifying critical server and networking device configuration issues.
• Determining critical memory management problems, performance issues, availability issues, capability issues, and capacity issues.
• Determining critical cybersecurity risks which may impact on business operations.
The approach generally follows 5 stages:
• Enumeration
• Vulnerability mapping
• Exploiting vulnerabilities
• Penetration analysis
• Reporting & action plan
Our Penetration testing function is growing, and we believe that this service is a high-quality cost-effective solution for our clients.