Penetration

Testing

What is a Penetration Test?

A penetration test is a simulated cyber attack against your computer infrastructure attempting to discover weaknesses and vulnerabilities in your organisation’s defences.

 

Why have a Penetration Test?

Penetration testing is the only way to test the defences that are protecting your data from ever-evolving cyber criminal threats. An internal and external pen test conducted by independent third-party will give your company confirmation of the security controls in place.

A penetration test will help your organisation understand the cyber security threats and gain a better awareness of them. As a result, you can fix any discovered vulnerabilities prior to them being exploited by criminal hackers.

How Penetration Testing works?

Penetration testing is carried out by our ethical hackers, who use real-life tactics, techniques and procedures used by the most sophisticated and intelligent cyber criminals to exploit weaknesses and vulnerabilities in your system.

The results form the basis of a comprehensive report that shows issues and gives clarity to where your systems are weak.


The penetration test report will recommend and address exactly how to remediate these weaknesses.

Our Services

We offer the following popular Penetration Test packages.
All our packages can be tailored to your company's specific requirements.

External Penetration Test

External penetration tests identify and test security vulnerabilities that might allow attackers to gain access from outside the network.

Our attack simulation will attempt to access Microsoft 365, Google Suite, and other cloud services.

We will also carry out deep investigations to uncover any sensitive information exposed on the internet and dark web.

An External Penetration Test Includes:

  • Pre-engagement meeting

  • 5-day investigation

  • Full Report – with discoveries and remediation

  • Post-engagement meeting

Internal Penetration Testing

An internal penetration test centres around what an attacker could do once they are inside your network.

We place our PenTest Dropbox inside your network and impersonate the tactics, techniques and procedures based on real-world observations of known adversaries.

We attempt to uncover misconfigurations and security flaws inside the internal network.

An Internal Penetration Test includes:

  • Pre-engagement meeting

  • Investigation inside your company’s network.

  • Full Report – with discoveries and remediation

  • Post-engagement meeting

Web Application Penetration Test

The aim of a web application penetration test is to identify and safely exploit weaknesses in the web application.

We seek to uncover common vulnerabilities such as SQL Injection, XSS, Broken Authentication, Security Misconfigurations and more.

Our report and remediation advice help you close the gaps before they are seriously exploited by attackers.

A Web Application Penetration Test Includes:

  • Pre-engagement meeting

  • Penetration test for your company’s website.

  • Full Report – with discoveries and remediation

  • Post-engagement meeting

Full Penetration Testing

This is a combination of the external and internal penetration test.

The penetration test can be carried out with minimal information prior to the engagement.

Our experts will adopt the role of a real life APT and attempt to identify and exploit vulnerabilities whilst testing your organisations defences.

A Full Penetration Test includes:

  • Pre-engagement meeting

  • A choice of PenTesting scope:

    • (a) Combination of the External and Internal Penetration Tests.

    • (b) Red-Team Simulation – attempting to access your data and compromise your network using techniques, tactics and procedures used by real life adversaries.

  • Full Report – with discoveries and remediation

  • Post-engagement meeting