1 minute read
PENETRATION TESTING
Penetration testing, also known as pen testing and ethical hacking, is a cyber-attack which is employed by our technical specialists to evaluate, probe and test a computer system, network or web application to identify any security vulnerabilities that could be exploited by cyber criminals.
The cyber-attack process can be performed manually, or through the use of software applications and is designed to simulate an attack upon a system. It should be viewed as a method for gaining assurance in your organisation’s vulnerability assessment and management processes, not as a primary method for identifying vulnerabilities.
Advertisement
IntaForensics offers penetration testing engagements to suit our client’s needs, enabling them to reinforce their cyber security policies and procedures to better protect them from future threats. Our penetration testers are trained in Network, Web and Infrastructure testing disciplines and can offer versatile engagement solutions to any testing environment.
Types of Penetration Testing
Black Box Penetration Testing
Without Login Credentials
Black Box tests are where the penetration tester knows nothing of the infrastructure to be tested. It is more indicative of a real-world, attack, but this method may not always expose all vulnerabilities.
Grey Box Penetration Testing
With User Credentials
Grey Box tests are the most popular form of test that takes a balanced approach between Black and White Box tests.
A Grey Box test discloses just enough information to perform a thorough, methodical test, whilst keeping the scenario relevant and realistic.
White Box Penetration Testing
With Full Admin Credentials
White Box tests are where the penetration tester has access to full, indepth information on the infrastructure to be tested. Whilst not as realistic as a Black Box test, it allows for a very thorough test.
