Penetration Testing &
Vulnerability Assessment
Penetration testing has proven to hold a vital role in ensuring that weaknesses or vulnerabilities in company systems are exposed and acted on before being exploited by cyberattacks.
Our Penetration and Vulnerability Assessment services provide an overall determination of information security risks within our clients’ network environments.
KEY OBJECTIVES
• Culture of security
• Discover and test external internet presence Red Team/Blue Team and tabletop exercises
• Security Incident Response procedures assessments
• Vulnerability scans of a representative sample of internal subnets
• Application security review of sample web application and application(s) environments for specific vulnerabilities
• Social engineering tests on a representative sample of employees using email, phone, and removable media as attack vectors
• Wireless security tests at corporate and sample field locations
• Physical security testing, involved and scoped with the client, to cover potential exposures
• Comprehensive reports for preventive and detective controls to protect against identified vulnerabilities
PENETRATION TESTING METHODOLOGY
• Follows ISO 27002 series and provides testing best practices, recommendations and reporting Internal/external network penetration assessment and testing
• Determination of incidents and reporting
• Evaluation of existing security tools (i.e. IPS, SIEM, End-Point protection)
• Comprehensive assessment and review of existing security network, policies and infrastructure identifying vulnerabilities of key servers and end-point devices
• Vulnerability assessments based on identified organization constituents (targets to be determined with the client), including phishing and social engineering
• Determinations on existing data security controls (“as-is” state of the overall security network)
• Network traffic sniffing
• Reconnaissance & Dark Net research to assess if IPs have already been compromised
• Analysis and detection of the existence of malicious code or tools
• Analysis and detection of both known and unknown hacking concerns for the client
• Final comprehensive report and recommendations based on executed tests results
DOWNLOAD OUR PEN TESTING BROCHURE
SIGN UP & DOWNLOAD BROCHUREPHASES OF TESTING
PHASE 1
Contextualized, detailed understanding and reporting as to the contemporary threats and threat factors that could impact your network along with likely motivations to do so.
PHASE 2
In phase 2, Axis Tech performs the actual penetration tests, influenced by Phase 1 output. This involves conducting exercises based upon the scenarios defined by Phase 1. these exercises are conducted in as realistic a way as possible.
PHASE 3
Having completed the technical assessments of the network, people and processes, we present the relevant and actionable outcomes in three key deliverables:
1. A Threat Intelligence Report
2. Attack Test Report
3. Security Improvement Plan