Penetration Testing

IT security requires professional and domestic networks to be protected against external threats ranging from viruses to deliberate “hacks”. The effectiveness of these defences can only be maintained by regular penetration testing. The same is equally true of physical security measures.

Protecting your business is our business

Penetration testing is designed to test, and ultimately compromise security in order to expose weaknesses.  The level of the threat assessment will determine the level of defence which is required.  As specialist modes of attack become more universally known, so defences must evolve to keep pace with the threat. 

Cyber penetration testing:

  • Audit and critical assessment of written procedures and protocols and the architecting of data repositories.
  • Online open source information gathering can reveal vast amounts of information about a company or person that can be detrimental to their security.
  • Online intrusion assessment. 3e can expose an organisation’s weaknesses to hacking over the internet. ‘Hacking’ can be used to access sensitive company or personal information or to initiate instructions for the illegal movement of cash. Note: this service can only be delivered with the legal owner’s permission.
  • Wireless infiltration / intelligence gathering. This technique involves remotely attacking a router in order to obtain sensitive data which would allow for further breaches in cyber security. Note: this service can only be delivered with the legal owner’s permission.

Physical penetration testing:

  • Physical infiltration to test and negate present security procedures such as access control. The objective is to assess the ease with which unapproved access can be gained into restricted or controlled areas such as senior executive offices, board rooms, or server rooms.
  • Assessment of overall physical security countermeasures.
  • Evaluation of response processes, speed and effectiveness when breach incidents occur.
  • Social engineering. Social engineering is the act of influencing someone to obtain confidential and privileged information, or to gain access to restricted resources and premises. Risk assessments of this threat involve screening or due diligence procedures.
  • Covert physical surveillance conducted against key employees or people can often reveal valuable intelligence.