Penetration testing or pentesting is the process of simulating hacking attacks against a particular system or environment in a controlled manner to identify risks and provide advice on preventing those risks. A penetration test might answer questions such as:
- Can criminals steal customer or payment data from your website?
- If an employee’s workstation is compromised, can it be used to steal your supplier database?
- Can customers use your new mobile application safely?
- Can criminals gain access to internal systems and data?
- Can a disgruntled employee steal your entire customer database?
The scope for a penetration test might include network infrastructure and/or applications depending on the purpose of the assessment and particular areas of concern (such as processing of sensitive data). Some of the areas we cover can be seen below:
Vulnerability scanning involves automated scans of the target environment using industry-leading tools in order to identify security vulnerabilities and weaknesses, and offer advice on remediation.
Vulnerability scanning is a requirement for various accreditations, standards, and certifications from ISO 27001 to Cyber Essentials, PCI DSS to Lexcel.
Vulnerability scanning isn’t as thorough as penetration testing but it provides a cheaper alternative to help identify key risks or for ongoing monitoring of your environment.
Enquire today about our penetration testing and vulnerability scanning services.