Penetration Testing of Information and Communication technology devices.
We do our Penetration Testing with the hacker mind in place following these steps:
- Survey the organization territories using several methods and tools to gather information about the organization’s customers, employees, systems and operations.
- Scrutinize the network and systems based on information gathered in the previous step to get more useful information about the IT devices used in the organization that, possibly, constitute a route to gain access to information.
- List possible means of gaining access to the organization and document type of attacks that could be launched.
- Advise on a list of countermeasures to mitigate the risks of discovered vulnerabilities and help IT people understand better their security systems and rightly implement security counter measures or controls.
- Advise on how to integrate this whole process into the ISMS lifecycle of their organization.
Penetration Testing includes the following but not restricted to:
- Network Discovery
- Operating Systems
- Network Devices (Wired and Wireless)
- Web Servers and Applications
- Databases (SQL, Oracle, etc.)
- Mobile Devices
- Social engineering
- Password Cracking
- Denial of Service
- Physical Barriers