Penetration Testing

Fingerprint Icon

Simulate attacks against your applications and systems.

Penetration testing is a simulated attack against your organisation's information, applications and systems. The objective is to determine the effectiveness of your existing security controls, both technical and procedural.

Penetration testing seeks to emulate the capability and motivation of a typical threat actor, and uses a mixture of automated and manual techniques.

The level of prior knowledge, attacker capability and underlying motivation will depend on the agreed rules of engagement, but typical examples include the following:

  • Opportunist attacker
  • Disgruntled employee
  • Malware distributor
  • Identity thief
  • Intellectual Property (IP) thief

There are many different types of penetration testing, and a wide range of approaches that can be taken. We discuss the specific requirements with our clients prior to beginning any engagement, however, in general, most engagements fall into the following categories.

Fingerprint Icon

Cloud Services Penetration Testing

Generally, the team will start with an initial connection to the cloud services over the Internet or via an authorised VPN connection, and explore further as they gain more understanding of the client’s specific service provision. The specific steps will depend on the cloud service type, the features used by the client, and the degree to which features are exposed to the Internet or internal users, but will typically include:

Learn More
Fingerprint Icon

Infrastructure Penetration Testing

Generally, the team will start with a connection to the internal network, a low-privileged user account, and a typical workstation provided by the client. Depending on the scenario, the team may also have the ability to use a dedicated suite of tools to more rapidly assess the internal network, and may be provided with a limited amount of privileged information, such as a network diagram. The team will typically work through the following phases, and depending on their progress, may repeat stages several times to ensure the best possible coverage can be obtained in the time allowed:

Learn More
Fingerprint Icon

Mobile App Penetration Testing

Most often, the mobile apps tested are configured for Apple’s iOS or Google’s Android operating systems. The specific approach taken will depend on the app and the client’s specific requirements, but will generally be based on the OWASP Mobile Security Testing Guide and will include the following: Design Review – Identification and understanding of all app components, and prioritisation of potential targets. Decompilation or Source Review – Where appropriate, review of decompiled or provided source code for potential vulnerabilities.

Learn More
Fingerprint Icon

Red Team Engagement

The objective is to test the effectiveness of an organisation’s security posture across the full spectrum of their defensive cyber security portfolio, and will typically require close interaction with internal security or incident response teams to ensure that scenarios are carefully planned and executed. Due to the entirely custom nature of these engagements, it is not possible to provide further details here, rather a specific engagement will be devised on request for each client.

Learn More
Fingerprint Icon

Social Engineering

Typical exercises include email-based and telephone-based phishing, attempted physical intrusion through deception and masquerading, and use of public information to elicit exposure of private or commercially sensitive information. Where permitted as part of the engagement, crafted attachments or spoof websites may be used to obtain internal access or user credentials, and fake social media profiles may be generated to support an assumed identity. This exercise will often be most effective when combined with Internet and social media profiling.

Learn More
Fingerprint Icon

Website Penetration Testing

Generally, the team will start with an initial connection to the website over the Internet. Depending on the scenario, the team may have accounts provisioned for them by the client, which they can use to test the website(s), or they may register accounts themselves. It is common for this type of testing to be performed against a dedicated copy of the website(s), however, the consultant teams are also experienced in testing against live, production environments.

Learn More