Penetration Testing

Penetration testing helps to identify vulnerabilities within a network.  The terms penetration testing (or pen testing) and vulnerability assessment are often confused when in reality, the two terms have very separate meanings.

Penetration testing, or ‘ethical hacking’ is the process of simulating how a cyber-attack might take place in the real world. Because it wouldn’t be right for us to test systems that we’ve configured and because it is very specialist work,  we use a trusted 3rd party company who use the same ‘bleeding edge’ techniques a criminal would adopt without causing damage, to explore all possible routes into your networks, website, or staff, with a view to highlighting vulnerabilities which can then be rectified.

When penetration testing is performed properly, the results allow network professionals to make recommendations for fixing problems within the network that were discovered during the pen test.  The main purpose of the pen test is to find a potential weakness in security defenses in order to improve network security and provide protection for the entire network and connected devices against future attacks.

Why conduct a Penetration Test?

Penetration tests should be based on an evaluation of relevant criteria, which would typically include:

  • In response to the impact of a serious breach on a similar organisation
  • To comply with a regulation or standard, such as the PCI or DSS
  • To ensure the security of new applications or significant changes to business processes
  • To manage the risks of using a greater number and variety of outsourced services
  • To assess the risk of critical data or systems being compromised

Contact Us for more information