Penetration Testing

PENETRATION TESTING (PENTEST)

A simulation of a real cyber attacks on your organization ICT systems to determine vulnerabilities and exploitable systems that may pose a risk to the organization.
The importance of any drill is to make sure that things work the way they are meant to work incase of an actual scenario as well as expose areas of weakness for you to improve on.

Our team with the vast knowledge and skill simulate this through a comprehensive method that looks into your organization 360^o making sure that every aspect is looked at. That includes;

a .Internal parties & controls
b. External parties & controls
c. Third parties (Product & Service providers)

After identification of vulnerabilities, penetration testing will demonstrate the ability to gain unauthorized access to system resources and/or disrupt system services.

PENETRATION TESTING FOCUS

As you look into getting a pentest done for your organization, have a clear scope of what you need tested, here is a guide to identifying and defining your scope

Types of PenTest

Web Application PenTest

Web Application Penetration testing (black box and grey/white box) is focused on the application layer of the target application, and may include other logical components (e.g., application server, database).

Mobile Application PenTest

focused on identifying security flaws in the application, how the app interacts with the device platform it was written for (Android/iOS), how the app communicates with server-side systems (API’s, Web Applications etc.) & with the broader ecosystem.

Network & Infrastructure PenTest

Discovery & Enumeration of the connected devices to identify vulnerabilites that are tested in order to try and gain access. Testing of network misconfigurartions and networking devices.

Internal/External Clientside PenTest

A full 360⁰ look into your organizations running of business. With a focus on both internal and external processes, 3rd party connections and risk avaluation from every angle.

Social Engineering

The focus being on the people within and outside the organization, the aim to get confidential information about your organization through deception methids and use that information to gain access.

Remote PenTesting

Devicing new ways to carry out Pentests, it is not a must for our teams to visit your organization for a
PenTest, remote pentest too can work with the same impact as if our teams were there.

PENTEST Methodology

Know the Steps

The standard method of carrying out a pentest is well defined. Using the global set standards such as OWASP, NIST, MitreAtt&ck and comparison to ISO standards that govern the Cyber Security space, our teams give quality reports.

While documentations are done at each stage, our teams are able to give comprehensive details of the process that simulate an actual adversary.

GET IN TOUCH

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.