(pentest for short) is the
process of using approved,
to conduct real-world
attacks against a system so as to identify and
correct security weaknesses before they are
discovered and exploited by others with a
somewhat less than honorable intent.
Pentests are also useful for testing an
organization's responsiveness and defense
capabilities (testing IDS/IPS, Intrusion
Response Plan, etc.). Also referred to as Ethical Hacking
(VA) is the process
of identifying vulnerabilities in
computers and networks, as well as weaknesses
in policies and practices relating to the
operation of these systems. A vulnerability
assessment is more general in nature, and has
the aim of determining all security faults
without necessarily exploiting them.
NEW: We have
a four-day training offering in this area -
please see our Training page.
Our group has extensive experience is
this area, and an arsenal of tools, both Open
Source and Commercial (Nessus, SAINT, Core
Impact, Metasploit, etc.) We follow the Open Source Security Testing
Methodology Manual (OSSTMM)
and guidelines for these types of assessments.
Our consultants are Certified Penetration
Testing Specialists and Certified Penetration
Testing Experts (CPTS/CPTE).
Specialized penetration tests and
vulnerability assessments can be commissioned
for PCI DSS compliance, Point of Sale (POS)
Systems, Web Applications, Warehouse / Stores
systems, Wireless Networks, VoIP deployments,
databases (Oracle, Informix, MS SQL Server,
Sybase, etc.), SCADA systems, and other areas.
Find the security problems on your systems
before the hackers do!
Fifteen years of
service excellence - 1998-2013.