Penetration testing or pentesting is the process of simulating hacking attacks against a particular system or environment in a controlled manner to identify risks and provide advice on preventing those risks. A penetration test might answer questions such as:

  • Can criminals steal customer or payment data from your website?
  • If an employee’s workstation is compromised, can it be used to steal your supplier database?
  • Can customers use your new mobile application safely?
  • Can criminals gain access to internal systems and data?
  • Can a disgruntled employee steal your entire customer database?

The scope for a penetration test might include network infrastructure and/or applications depending on the purpose of the assessment and particular areas of concern (such as processing of sensitive data). Some of the areas we cover can be seen below:

Network Infrastructure

Mobile Applications

Web Applications

Workstation/Server Configuration

Wireless Assessments

Vulnerability Scanning

Vulnerability scanning involves automated scans of the target environment using industry-leading tools in order to identify security vulnerabilities and weaknesses, and offer advice on remediation.

Vulnerability scanning is a requirement for various accreditations, standards, and certifications from ISO 27001 to Cyber Essentials, PCI DSS to Lexcel.

Vulnerability scanning isn’t as thorough as penetration testing but it provides a cheaper alternative to help identify key risks or for ongoing monitoring of your environment.

Enquire today about our penetration testing and vulnerability scanning services.