Penetration Testing

Review the safety performance of IT systems and networks

Technical analysis of the safety level of IT systems and networks. Complete investigation of the hardware / software systems for security vulnerabilities. Simulation of potential attacks from internal and external perpetrators (intranet, internet). Detection of security vulnerabilities of IT by our holistic analysis process that includes a complete and conclusive investigation path and in particular includes the following sub-processes:

Information Gathering

  • Foot-/Fingerprinting: Obtaining information on the entire Hardware-/Software-System (Blackbox, Whitebox)
  • Network analysis

Vulnerability Detection and Verification

  • Vulnerability scanning: review of the entire hardware-/software-configuration to leaks and covert security bugs (security configuration) and verification of vulnerabilities
  • Analysis of firewall rules
  • Review of the encryption in networks (WLAN, LAN, WAN) and on servers
  • Exploiting known vulnerabilities

Reporting

  • Development and review of security strategies: password policies, e-mail policies, firewall, server policies, security mechanisms, security policies etc.
  • Determination of safety levels
  • Presentation: Preparation of progress (fully documented) results, final report of all investigations with a recommendation for action to enhance security levels
  • Conclusive documentation with recommendations to enhance security levels
  • Supporting the development of preventive security measures to attack defense and prevention of abuse cases and in the development of a cyclical auditing process to increase the resistance value of IT to continuously and sustainably
img