Penetration Testing

A penetration test is a means of evaluating the security of a system by actually attacking it to see how accessible it is. A penetration test conducted by a certified expert will help your company to see how its security control would hold up under a real attack. The information systems are first tested to find any possible security vulnerabilities. The results of the assessment are then documented in a report which is presented to the client, upon which questions can be answered and corrective strategies openly discussed.

Any possible way that your organization may capture, store or process information is analyzed; the systems in which the information is stored, the transmission channels that transport it, and the processes and personnel that are used to manage it will be assessed for vulnerabilities. Examples of areas that are commonly tested include:

  • Each port on all host computers
  • Off-the-shelf products (operating systems, applications, databases, networking equipment etc.)
  • Bespoke development (dynamic web sites, in-house applications etc.)
  • Telephony (war-dialing, remote access etc.)Wireless (WIFI, Bluetooth, IR, GSM, RFID etc.)
    Personnel (screening process, social engineering etc.)
  • Any SPF (Single Point of Failure) that may exist on your network

Our experts will find any exploitable weaknesses that could lead to access of servers/workstations connected to the network. We will uncover any possible threats (such as communications failure, E-Commerce failure, loss of confidential information etc.), and use a security assessment to identify any vulnerabilities that are related to these threats. If you haven’t conducted a risk assessment, then it is recommended that you begin with the areas of greatest exposure, such as the public facing systems; web sites, email gateways, remote access platforms, and so forth.

Copyright © 2024 - Sherlock Forensics LTD

Scroll to Top