<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=163836&amp;fmt=gif">

email info@cwlsystems.co.uk   0845 880 1285

email info@cwlsystems.co.uk  Mobile icon 01480 217777

facebook

qqq

    What is a penetration test?

    A penetration test (pen test or ethical hacking), is an authorised simulated cyberattack on a computer system, performed to evaluate the security of a system or network.

    Identify Security Flaws

    coding

    Test New Software

    Compliance of Regulations

    Conformance to Standards

    What is Penetration Testing?

    In the simplest form; a pen test is an authorised attempt to breach some or all of your system's security, using the same tools and techniques as an adversary might. Your goals of a pen test will vary depending on the type of activity or vulnerabilities you are trying to identify.

    The process identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal.

    A penetration test target may be a;

    • White box (which provides background and system information)
    • Black box (which provides only basic or no information except the company name).
    • Grey box (a combination of the two where limited knowledge of the target is shared with the auditor).
    A penetration test can help determine whether a system is vulnerable to attack if the defences were sufficient, and which defences (if any) the test defeated.
     

    Need more information?

    Our team of in-house experts are always happy to answer any questions you might have about pen testing!

    Types of Penetration Test

    Different types of penetration testing will focus on different aspects of your perimeter – the boundary that separates your network from the Internet.

    Infrastructure (Network) Penetration Tests

    Network penetration tests aim to identify and test security flaws, whether that be flaws in servers and hosts, misconfigured wireless access points and firewalls or insecure network protocols.

    External Infrastructure (Network) Penetration Tests

    External penetration tests identify and test security vulnerabilities that might allow attackers to gain access from outside the network.

    Internal Infrastructure (Network) Penetration Tests

    Internal penetration tests focus on what an attacker with inside access could achieve. An internal test will usually be done from the perspective of both an authenticated and non-authenticated user to assess potential exploits. It will check vulnerabilities affecting systems that are accessible by authorised login IDs and that reside within the network and check for misconfigurations that could allow employees to access information and inadvertently leak it online.

    Wireless Network Penetration Tests

    If you use wireless technology, such as Wi-Fi, you should also consider wireless network penetration tests. Identifying Wi-Fi networks, including wireless fingerprinting, information leakage and signal leakage whilst determining encryption weaknesses, such as encryption cracking, wireless sniffing and session hijacking.

    Web Application (software) Penetration Tests

    Web application tests focus on vulnerabilities such as coding errors or software responding to certain requests in unintended ways.

    Social Engineering Penetration Tests

    As technical security measures improve, criminals increasingly use social engineering attacks such as phishing, pharming and BEC (business email compromise) to gain access to target systems.

    So, just as you should test your organisation’s technological vulnerabilities, you should also test your staff’s susceptibility to phishing and other social engineering attacks.

    Some of Our Partners

    17
    13
    15
    DELL Tech for the Web-4
    READ SOME OF OUR SUCCESS STORIES