services
products
Penetration testingThe problem
The service
The main goal of a penetration test is to identify any potential security vulnerabilities of the target computer system from the position of a potential attacker. The test determines if successful exploitation of identified security vulnerabilities is possible and, if confirmed, the amount of business impact of such an attack.
Penetration tests are conducted in a controlled environment, using techniques and tools normally employed by attackers. Besides publicly available tools, INFIGO IS also uses a variety of proprietary, in-house built, specialized tools.
Due to complexity and sensitivity, penetration tests are conducted by qualified experts with highest ethical standards.
Penetration tests include network penetration testing (where the focus of the test is on the network infrastructure and servers) and application penetration testing (where the focus are active services/applications).
Penetration tests can also be conducted externally (from the Internet) or internally, on the client's network. Finally, based on the amount of information received from the client in advance, INFIGO IS conducts black box penetration tests (zero knowledge tests or tests with no prior knowledge about the target system apart from the publicly available information) and white box penetration tests, where the tester has some level of knowledge about the target system.
Penetration tests are customized according to the client's needs.
The benefit
Penetration testing enables organizations in managing their enterprise security strategy. Penetration tests accomplish the following:
• Identification of vulnerabilities, their exploitability and their business impact,
• Verification of implemented security controls, their effectiveness, operational processes and procedures,
• Improvement of the overall information system security level,
• Raising the security awareness of information security personnel.
-
Penetration testing
