Penetration Testing Service
brandsec provides an end-to-end Penetration Testing service to assess the IT assets of our clients, including firewalls, routers, VPN, IDS/IPS, Web servers, Application servers, Database servers, etc. our Penetration Testing service provides an insight into the organisation’s current state of security, discover possible ways to penetrate and test the effectiveness of security countermeasures. We perform our Penetration Testing in two formats:
- External Basic Penetration Testing: Performed remotely with no internal access provided to our security experts. The goal is to identify and classify the weaknesses and penetrate the internet-facing IT assets of an organization such as Web Servers, Network Gateways, VPN, E-mail Servers, and Firewalls.
- Internal Basic Penetration Testing: Performed from within the premises of the target organization, usually to identify & classify threats and vulnerabilities in internal network presented by someone who already has access to the organization’s network such as an employee, contractor, or guest. It also helps an organization to determine its compliance on global or local policies, standards and procedures in terms of information security, data protection and segmentation of network.
In addition to listing all individual vulnerabilities in every IT asset, our approach is to find the systematic issues in the organisation that led to these issues. We often use a sampling methodology in our approach to focus on the root causes and prioritize the most important remediation steps.
Upon completion of the Basic Penetration Testing, a detailed report will be sent to the client, including the following:
- Executive Summary: Summary of the purpose of this assessment, as well as a brief explanation of the threats that the organization is exposed to from a business perspective.
- Findings: A detailed, technical explanation of the findings of the assessment along with steps and proofs of the findings.
- Conclusion & Recommendations: This section provides final recommendations and a summary of the issues found during the security assessment.
Service Delivery Time
The Basic Penetration Testing service on 10 IT Assets can be completed in five business days.