The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner, together with an assessment of their impact, and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered.

We offer to our Customers following Security Tests.

Black-Box / Application Penetration Test:

Our Pen-Test Team will launch a remote attack on the indication given by Customer on external IP addresses that should be considered as Target: The Test aims to identify vulnerabilities in the services provided by Target systems (Web, FTP, Databases, etc.), to exploit any found vulnerabilities to obtain elevated privileges, as well as the forcing of passwords of the authentication systems. Side web application, if the source code of the web application is provided, it may be used to improve the testing process.

White-Box Penetration Test:

A Security Specialist by our Pen-Test Team will visit the Customer company and will simulate an attack launched by an internal attacker (employee, staff with access to the machines) in order to assess the degree of company impairment because of an internal attack. The techniques are similar to the Black-Box Penetration Test more the possibility to test Router, Firewall, IDS/IPS and the possibility to Sniff sensible data.

Wireless Penetration Test:

A Security Specialist by our Pen-Test Team will visit the Customer company and will launch an attack aimed at WiFi and Bluetooth Networks and devices installed at the Customer company, to verify the presence of vulnerabilities that allow access to Customer systems without authorization identifying the level of depths that such an attack can reach.

At the end of both Tests the Customer will receive a detailed Report with all issues found and a proposal for mitigation.

Our Pen-Tests are in accordance with the Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) methodologies and run by qualified Security Experts. Customization and management priorities.

Professionalism throughout the Testing activities.

The Customer's ICT structures and systems are not subjected to damage.

We take great attention to Customer Privacy.