What is Penetration testing

A penetration test (also known as Ethical Hacking) is an authorized attempt to gain access to an organization's data assets. Its purpose is to identify vulnerabilities so that they are identified and rectified before any potential cyber attack.  

The testing process is done in four stages:

  • Gathering Information about targets ( reconnaissance).
  • Identifying and priorities vulnerabilities.
  • Exploiting identified vulnerabilities to determine risk levels.
  • Providing executive level reporting and actionable remediation strategies. 

The benefits of penetration testing includes: 

  • Achieve compliance for industry standards such as PCI DSS and others.
  • Avoid potential high costs and reputation damage due to data breach and data lost.
  • Receive an independent comprehensive report with actionable recommendations. 
  • Gain confidence that your websites, web app, mobile app and networks are secure. 

stSoftware's penetrations testing services include:

  • Website penetration testing.
  • Web application penetration testing.
  • Mobile application penetration testing
  • Scanning for web and network vulnerabilties. 

Penetration Testing Methodology and Tools

stSoftware has a tried and tested, penetration testing methodology based on industry best practices such as the OWASP and the OSSTMM. This ensures that you receive reliable, repeatable results, and minimizes the risk to your systems under test.

Our team uses an arsenal of penetration testing tools similar to those used by attackers on the internet – in conjunction with in-house developed, commercial, and best-of-breed open-source penetration tools.

Keeping up to date with the latest security vulnerabilities, trends and hacking techniques is our business.

We produce a comprehensive business risk focused penetration testing report covering the approach taken, the techniques used, and the vulnerabilities identified. We then apply our expertise to make prioritized, procedural and strategic recommendations to ensure that your systems are secure against future attack.

Vulnerability Management and Protection

Our penetration testing service can be provided as a one-off assessment, or on an ongoing basis. You can leverage our security expertise to provide you with automated, continuous, cost-effective, vulnerability management protection where we work with you to develop a recurring vulnerability assessment program for different segments of your environment. With a recurring program we can highlight current exposures in a timely fashion, and provide you with trending data that allows you to monitor the progress of your IT security initiatives over time.