Menu
As the name suggests this would target your network, this may include your internal network at your office premises or based on the targeting of your organisations assets from across the Internet.
You can’t go far on the Web today without using a web application. They’ve become ubiquitous, it is how many of us shop, find a plumber or even a partner.
An Application Programming Interface or API is used to structure the communication between two entities, recent years have seen an explosion in their use. For example, this could be a mobile app which uses an API to log in a user to an online shop.
The Cloud offers obvious benefits in terms of speed and scale which traditional deployments cannot match. Sometimes in a rush to embrace those benefits neglect to understand the intricacies of the Cloud.
Mobile applications or apps as they have become known are a key way in which services are offered directly to end users in a way which is more closely tailored to the providers needs that would be possible using a traditional web application.
Breaking free of the wires which restrict our free movement in the workplace or the home means that now many naturally mobile devices and indeed many non-mobile devices now use wireless networking.
Enterprises small and large use all manner of systems and devices including laptops, servers, mobile devices and tablets. Where the security requirements are exacting enterprises often rightly choose to build and refine a baseline of settings for that particular device and use case.
Social engineering encompasses email phishing, telephone phishing and physical social engineering.
Some of the types of engagements we undertake do not fall neatly into one of the common categories. We term these specialist projects. These may be related to special hardware devices for example those used in medical settings, Internet of Things (IoT) devices or related to SCADA.
Why do this?
Most often we are approached by vendors, service providers or end users and asked our opinion about some item of equipment. More often than not we find that little is publicly reported about that item and we are tasked with performing a review.
We will guide you through each stage to ensure your digital landscape remains fortified against emerging threats.
We begin by discussing your requirements in a meeting or voice conference. This is where we learn about your needs, work out timelines, define points of contact, agree on reporting requirements and decide on the testing scenarios to be used by the assessment team.
After the requirements gathering phase, we submit a written proposal for your review. This document outlines our understanding of your requirements and presents the proposed approach, including detailed timescales and project prerequisites.
Once the proposal is accepted, we proceed to fulfil the prerequisites. This involves returning an authorisation form that lists the assessment targets and timescales. In some cases, such as when testing authenticated web applications, we may need to obtain credentials before proceeding.
Our testing team executes the assessment according to the agreed plan. We maintain constant communication with you during the engagement and provide daily progress updates.
After the assessment is completed, we prepare a final report in line with the agreed testing timescales. Our reports are high-quality documents that undergo a thorough quality control process. They provide detailed descriptions of vulnerabilities and supporting evidence, and include mitigation advice for the identified findings.
We remain available for post-assessment support and knowledge transfer. This allows for a comprehensive debrief and ensures that you have a complete understanding of the assessment results.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Get started with a comprehensive penetration test today and fortify your organisation against cyber threats.
Get started with a comprehensive penetration test today and fortify your organisation against cyber threats.