Vulnerability assessment & penetration testing

Vulnerability assessments & penetration testing are in-depth, technical review of a client's IT environment using industry-developed best practices, methodologies and technical tools.

Vulnerability assessments & penetration testing are used to assess an organisation's exposure to IT threats and provide recommendations based on the outcome of detailed vulnerability analysis.

Vulnerability assessments

Routine vulnerability assessments are critical to an organisation's ability to identify and mitigate current cyber security threats to their IT environment. Vulnerability assessments consist of using specialist tools to scan an organisation's IT infrastructure to detect security weaknesses and flaws that can be rectified through maintenance and process review.

The vulnerability assessments consist of the following:

  • Routine system checks 
  • Internal scans of an organisation's infrastructure including infrastructure patch levels, malicious software detection, anti-virus update levels
  • External infrastructure scanning
  • Current high-level security state and threat level reporting
  • In-depth technical reports for IT teams
  • Identification of organisation's data which is exposed to the public
  • Logical and physical securities control assessments
  • Open source intelligence gathering

Penetration testing

Penetration tests allow us to demonstrate the client's state of vulnerability to IT threats by simulating cyber attacks against an organisation's IT environment. Our InfoSec team will attempt to probe and breach a client's security infrastructure to discover and analyse any weaknesses in their cyber-defences and provide recommendations to mitigate any related risks.

The penetration testing phase includes the following elements:

  • Incident response testing
  • Internal/External vulnerability exploitation
  • Social engineering attempts
  • Logical and physical access tests
  • High level reports
  • Technical reports of IT teams

Want to know more?