Penetration Testing

PENETRATION TESTING SERVICES


Web Application Penetration Testing

Assessments focusing on vulnerabilities specific to web applications.

External Penetration Testing

Find weaknesses within your Internet facing infrastructure.

Internal Penetration Testing

Protect your information assets from attacks originating from the internal network.

Cloud Penetration Testing

Assess the cyber security of your cloud provider’s environment.

Mobile Application Penetration Testing

Assessments focusing on vulnerabilities specific to mobile applications ( iOS / Android )

Remote Access Penetration Testing

Determine weaknesses within remote & work-from-home deployments used by staff and third-parties. (Citrix / F5 / VMWare )

OWASP Top-10 Penetration Testing

Smaller web application penetration tests focusing only on the current Open Web Application Security Project (OWASP) Top 10 security vulnerabilities.

Wireless & RFID Penetration Testing

Identify weaknesses within wireless network deployments and short-range, low-energy radio frequency devices.

(RFID / NFC / Bluetooth / Zigbee)

Social Engineering

Measure the level of security awareness amongst employees.

Physical Security Penetration Testing

Identify weaknesses within the physical security controls protecting your organisation.

TO TEST OR NOT TO TEST?

Whether you are an e-commerce merchant or not, your online and mobile presence is an essential part of your business and reputation. With the fast evolving cybersecurity threat landscape and the growing number of financially-motivated hackers, organisations must proactively secure their cyber assets.

Penetration Testing (i.e. paying hackers to attack you) is the quickest and most cost-effective way to secure your presence online, your mobile app or simply your internal network. It delivers tangible ROI and helps you protect your reputation and business.

HOW WE DO IT

Privasec uses thorough and proven Penetration Testing and Vulnerability Management methodologies that comply with, or exceed, the industry best practices including:

HOW WE CAN HELP

Our team of experienced and certified ethical hackers help you identify and remediate vulnerabilities before the bad guys find them.

We offer a range of testing services including but not limited to, web application, infrastructure, wireless, mobile penetration testing. We can even add physical penetration testing to our cyber tests, to provide end-to-end assurance against targeted attacks and corporate espionage.

Our engagement process is simple and we are here in person and over the phone to assist at every stage. We’ll even re-test what you fix to give you peace of mind.

HOW OUR SERVICE WORKS

An easy 5 step process, tested and refined over a decade:

Step 1: Initial Consultation - Projects begin with a personal meeting to help understand your business needs and discuss the most appropriate testing approach for your requirements.

Step 2: Scope - The scope is discussed, defined and agreed upon in writing with your final approval to ensure there are no surprises.

Step 3: Testing -  You are informed daily of all testing activities undertaken as well as any high-risk vulnerabilities that have been discovered so you can start fixing them as soon as possible.

Step 4: Reporting - A comprehensive penetration testing report is drafted and presented to your stakeholders face-to-face. Practical and prioritised, our report provides you with remediation guidance as and when required.

Step 5: Verification - Verification re-tests to ensure your fixes have been implemented correctly.

YOUR REPORT

Well Structured

We have seen and worked with dozens of reports over the years and designed our report templates to be easy to work with and act upon.

Versatile

Our reports and presentations are designed to provide both technical and business stakeholders with a clear understanding of the risks identified and of the recommendation made.

Complete

We also provide the technical teams with all the details required to prioritise and remediate (including patching) the risks identified.

We don’t just deliver a dry lengthy report and walk away. We’ll walk you through our findings and answer your questions, high or low level, over the phone or in person.

WHITE, GREY OR BLACK?

There are 3 common penetration testing approaches:

WHITE BOX

Your Consultant has initial access to the environment. This saves you time by skipping the initial defence layer which we would most likely break through the defences.

GREY BOX

A hybrid type of black and white box testing, providing a good balance between effort and comprehensiveness.

BLACK BOX

Performed without any prior knowledge and access to the environment, like if you were attacked by an offshore hacker.

HOW TO PREPARE FOR YOUR PENTEST

Notify

Communicate to stakeholders and IT providers so they know to expect malicious looking activity.

Backup

If you are going to be performing any penetration testing in a  live environment, ensure everything is backed up.

Access

For internal and/or authenticated penetration testing make sure you have commissioned access where required.

Don’t worry, We’ll always discuss these with you ahead of the testing to make sure everything goes smoothly.

Get The Ball Rolling

To discuss how the Privasec RED Team can help you test your defences and/or train your staff, call us on 1800 996 001 or use the contact form below.

Our direct and flexible approach means we can get your Red Team attack going in as quickly as 24 hours.

Please provide your first name.
Please provide your last name.
Invalid email address.
Invalid Input