Categories
< All topics
Print

Penetration Testing

What is a penetration test?

For our penetration test (also called a pentest) we perform advanced automated Web Application and Network scans, as well as thorough manual checks. It simulates a cyber-attack to prove where a hacker might be able to exploit systems. Our ethical hackers use advanced automated and thorough manual tests as malicious hackers do to find dangerous vulnerabilities in web applications.

What is The Penetration Testing Execution Standard (PTES)?

The Penetration Testing Execution Standard (PTES) is a comprehensive framework of guidelines, procedures and techniques for conducting and managing penetration testing activities. This standard methodology was created to address the need for a consistent and structured approach to penetration testing, with the goal of producing consistent and reliable results.

The PTES standard consists of seven phases, including planning and scoping, information gathering, threat modelling, vulnerability identification, exploitation, post-exploitation, and reporting, all explained below.

  1. Planning – The preparation phase for the pentest.
  2. Information gathering – In this phase information about the target system is gathered.
  3. Threat modelling – This is a procedure for optimising application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.
  4. Vulnerability analysis – This phase discovers and validates vulnerabilities.
  5. Exploitation – In this phase they try to exploit the previously identified and validated vulnerabilities.
  6. Post-exploitation – This phase maintains control over the target system and collects data.
  7. Reporting – A detailed analysis of an organisation’s technical security risks that covers many facets of an organisation’s security posture, such as vulnerabilities, high-low priority concerns, and suggested remediations.
What types of pentests do you do?

We can perform a Vulnerability Pentest (according to PTES), Infrastructure Pentest (internal and external), WIFI and LAN access test, API test, App endpoint test, Phishing test, and Code review/App analysis. Together we determine your goals up front to maximise the information you gain from our tests.

For more information and pricing: https://forus-p.com/en/pentests/

Table of contents
Shopping cart