Penetration Testing

Web Security

"Assurance that your external facing assets and information are secure"

Our penetration testing (pentesting) services provide assurance that your external facing assets and information are secure. This includes ensuring access and availability to services is consistent with your organisation's governance requirements.

External Penetration Testing

External pentesting is used to test the information system environment for unacceptable risks with the testing performed from the perspective of an external party. IT systems can range from web and email to custom applications.

Testing is performed through:

  • Automated scanning to detect simple vulnerabilities and vulnerability pre-cursers;
  • Manual testing and analysis to discover complex vulnerabilities;  
  • Structured testing using the industry recognised OWASP pentesting methodology; and
  • Exploitation of discovered vulnerabilities where possible.

Pentesting may involve unauthenticated testing to simulate threats from the general public or authenticated testing to simulate threats from a system user. 

Vulnerability Assessments

Vulnerability assessments are similar to pentests without the attempt to exploit any vulnerabilities. For this reason a vulnerability assessment is a good engagement type when reducing the testing time. 

The disadvantage to a vulnerability assessment is that the layers of security controls your organisation has is not tested. To overcome this we work with the IT staff to discuss findings, potential mitigations and areas of risk. 

Contact us to discuss your cybersecurity requirements on 1300 521 622 or [email protected]

Other Services