Penetration Testing

Penetration Testing

In Hacking21 our slogan is: “You concentrate on your business, and we take care with your e-Security.” We know what we do because we have been doing it for more than 29 years. We have been winning the trust of our clients by doing and probing, NOT by avoidance or saying.

Penetration Testing

What is a Penetration Testing (PenTest)?

PenTest is usually a set of different examinations used to corroborate the security of the company’s e-data, discover hidden threats in addition to discontinue the leakage of electronic data. PenTester (expert conducting the penetration tests) aggressively tries to abuse existing weaknesses at the network or local level. Those tests are based on the simulation of network attacks from internal intruders and Black Hackers, and have the objective to determine how vulnerable the company’s networks are, including their communication systems and mobile technologies. PenTest have been widely used to determine the safety of corporation networks and has been proved as one of the most effective methods to determine the action plans required to protect the company infrastructure and minimize the security risks.

For more than 29 years, the staff of Hacking21 has been doing these types of tests with remarkable results for its clients. Far from the perception of many companies, in the modern world, information security is NOT about possessing the latest and more robust technologies on place, instead, is a complicated system that involves not only powerful technological solutions, but also human expertise, as well.

The most common forms of PenTest offered by the staff of Hacking21 are:

White Box Test: In this specific circumstance, the client provides the PenTester with some information about the network topology and/or infrastructure before the beginning of the testing examinations. During this type of investigation, the PenTester will attempt to gain inclusive access to the infrastructure and system resources, including the stored data and databases. If the attempt is successful, the PenTester will try to expand the analysis to other system resources that belong to the demilitarized zone (DMZ), internal networks, telecommunications systems, and peripheral devices.

A distinctive particularity of this type of PenTest is that login information as for example; user names and passwords are provided by the client, along the required info to login into their networks. Due to its’ nature, this type of tests requires less time and is much simpler, but usually demands the interaction from the subject of the test; however, this type of PenTest has been proved as highly beneficial and is usually the most popular. After the tests, Hacking21 issues a very detailed report with the specific findings and instantly recognizable suggestions to solve or minimize the discoveries.

Black Box Test (Blind penetration testing): In this particular case, the PenTester does not know any particularities about the network topology and/or infrastructure. In other words, network security experts would have to start from scratch. They will have to find the location of the network and start looking for ways to penetrate the system. Due to its nature, this type of tests requires more time and is much more complex, but does not require the interaction from the subject of the test. After the tests, Hacking21 issues a very detailed report with the specific findings and unambiguous suggestions to solve or minimize the discoveries.

Grey Box Test: This type of PenTest is a combination of the aforementioned techniques, in which clients make available some partial information that facilitates the testing procedures. In this case, the PenTester has the ability to focus on specific details more rapidly, but the final report issued by us, contains exactly the same information as in the previously explained techniques.

Without considering the type of PenTest performed, Hacking21 is in strict compliance with ISO/IEC 17799:2005; ISO/IEC 27000:2009, OWASP, and PCI.

Starting to work with us is very easy, simply tell us about your project now – and we can start tomorrow – this is our promise!

CALL US AT (305) 741 – 5406 in Miami, Florida, or (508) 986 – 9271 in Fall River, Massachusetts.

Copyright © 2013

You must be logged in to post a comment.