Our penetration testing (pentesting) services provide assurance that your external facing assets and information are secure. This includes ensuring access and availability to services is consistent with your organisation's governance requirements.
External pentesting is used to test the information system environment for unacceptable risks with the testing performed from the perspective of an external party. IT systems can range from web and email to custom applications.
Testing is performed through:
Pentesting may involve unauthenticated testing to simulate threats from the general public or authenticated testing to simulate threats from a system user.
Vulnerability assessments are similar to pentests without the attempt to exploit any vulnerabilities. For this reason a vulnerability assessment is a good engagement type when reducing the testing time.
The disadvantage to a vulnerability assessment is that the layers of security controls your organisation has is not tested. To overcome this we work with the IT staff to discuss findings, potential mitigations and areas of risk.