A penetration test is an authorised attempt to gain access to an organisation's data assets. Its purpose is to identify vulnerabilities so that they are identified and rectified before any potential cyber attack.
The testing process is done in four stages:
Our methodology is based on OWASP and OSSTMM recommendation. Various tools and techniques are used to discover the vulnerabilities within the target web application. Each application is manually audited by an experienced penetration tester. The audit seeks to identify not just common classes of security vulnerabilities, but also vulnerabilities specific to the application itself.
stSoftware has a tried and tested, penetration testing methodology based on industry best practices such as the OWASP and the OSSTMM. This ensures that you receive reliable, repeatable results, and minimizes the risk to your systems under test.
Our team uses an arsenal of penetration testing tools similar to those used by attackers on the internet – in conjunction with in-house developed, commercial, and best-of-breed open-source penetration tools.
We produce a comprehensive business risk focused penetration testing report covering the approach taken, the techniques used, and the vulnerabilities identified. We then apply our expertise to make prioritized, procedural and strategic recommendations to ensure that your systems are secure against future attack.
Our penetration testing service can be provided as a one-off assessment, or on an ongoing basis.
You can leverage our security expertise to provide you with automated, continuous, cost effective, vulnerability management protection where we work with you to develop a recurring vulnerability assessment program for different segments of your environment.
With a recurring program, we can highlight current exposures in a timely fashion, and provide you with trending data that allows you to monitor the progress of your IT security initiatives over time
Keeping up to date with the latest security vulnerabilities, trends and hacking techniques is our business. Talk to us about a one-off or recurring vulnerability assessment program – call 1300 78 73 78, email firstname.lastname@example.org