Our cyber penetration and vulnerability testing service is the process of using all available methods to test the penetration of a system upon the approval of the customer. The main purpose of this service is to become the admin of a system through security vulnerabilities.
After the tests, technical reports are generated and simplified in order to facilitate the analysis of controling executive. Another aspect of penetration testing is social engineering excercises. The aim of these excercises are to increase awareness of information security within an organization.
Cyber penetration and vulnerability testing is applied by ISO 27001 certificated laboratories where maximum attention is paid to the protection of personal data principle.
Objectives of penetration test
- To determine the weaknesses and vulnerabilities both internally and externally.
- To be informed about how to cover the vulnerabilities determined.
- To asses the efficiency of the firewall, web servers and routers.
- To prepare a plan to prevent a potential penetration or attack that might come up in the future.
- To identify if it is necessary to upgrade the existing software or hardware in the institution.
Penetration test methods
Blackbox:
In a black box penetration test, the penetration tester has no previous information about the target system. It is conducted to see the probable harm caused by a potential attacker who wants to destroy the system or achieve information leakage.
Whitebox:
The penetration tester is given all the information about the structure or system prior to testing. This method is used to determine the potential harm that might be caused by an attack to the system from previously or currently employed staff.
Graybox:
It is a testing method between Blackbox and Whitebox. The tester is not given detailed information about the structure and/or system prior to the test. This test is conducted to see the probable harm that might be caused by an attack from users with limited authorization.