Penetration Testing
Ensuring your company's cyber security today is extremely critical. Are you prepared to deal with different types of attacks? Find out how we can help you avoid possible future threats!
DEFINITION
A penetration testing, also known as pentesting or pentesting is a service in which an organization's assets, whether servers, websites, mobile applications or IoT devices, are tested against attempts to exfiltrate information, compromise user accounts, among other various types of threats. The objective is to simulate controlled malicious attacks to validate the effectiveness of security mechanisms.
Knowing the vulnerabilities of the environment is the best form of prevention!
Goals
-
Simulate an internal or external attacker without causing harm to the company;
-
Identify vulnerabilities present in the company's assets;
-
Measure the risk that an exploration of them can entail;
-
Recommend mitigation strategies;
-
Validate adherence to compliance policies;
-
Among others...
Main benefits
Protection of
Customers
Vulnerabilities Discovery
Mitigation
of Risks
Bigger
Reliability
what we test
WEBSITES
SERVERS
IOT DEVICES
MOBILE APPS
Wi-Fi
types of tests
BLACK-BOX
Performed without any knowledge of operation and without providing credentials.
GRAY-BOX
Carried out with little knowledge of operation or provision of credentials.
WHITE-BOX
Carried out with full knowledge of operation and provision of credentials.
METHODOLOGIES
Here at CYBERX we follow internationally known methodologies for carrying out our penetration tests. We seek to provide the best framework according to the client's business. The use of each of these methodologies allows covering compliance policies, such as PCI DSS, ISO 27001, among others.
WSTG
The Web Security Testing Guide
MSTG
Mobile Security Testing Guide
PTES
Penetration Testing Execution Standard
OSSTMM
The Open Source Security Testing Methodology Manual
NIST
National Institute of Standards and Technology