Are your IT systems sufficiently robust to withstand a coordinated cyber-attack? Our network security consultants use simulated aggression infrastructure pen tests so you can be assured of your data security.
The pen tests help you find vulnerabilities in the system, the probability for cybercriminals to exploit them and how much damage they are likely to inflict. The report will help you plan and implement appropriate system security.
There are three types of application penetration tests: enterprise network perimeter, company’s internal network (intranet) and company’s Wi-Fi pen tests.
We identify potential paths for attacking the Client's infrastructure by an attacker on the Internet. We thoroughly analyse all services made available (knowingly or unconsciously) by the Client on the public IP addresses used by them. Each of the available services is examined for its holes enabling third parties to take over the machine on which it is running. In the case of finding this type of vulnerability and obtaining remote access during further tests, we analyse the possibilities of local escalation of rights and further taking over the customer's infrastructure.
We verify that LANs are properly designed to segment and filter traffic between subnetworks with different security levels. The machines detected in the network are scanned for open ports, and each of the services available is checked for their ability and scope to take control of the machine. In the case of granted access, the level of privileges is verified, and the system checked for possible local escalation to the Administrator or root account level. The tests are based on a seven stages Penetration Testing Execution Standard (PTES) model.
We verify the security of Access Points operating in any standard of communication (802.11b/802.11a/802.11a/802.11g/802.11n/802.11ac), using any security mechanisms (WEP/WPA/WPA2/WPA3 Personal/Enterprise). We can run a security assessment of client stations connected to Wi-Fi networks and analyse available networks for potential Rogue Wireless Devices (devices connected to the company's local network that may provide unauthorised access to that network via an additional Wi-Fi network).