- Oxford: +44 (0)1865 877830
- Manchester: +44 (0)161 713 0176
- London: +44 (0)203 5983740
- New York: +1 646-781-7580
- Dubai: +971 (0)4 427 0429
A penetration test is a set of procedures designed to bypass the security controls of a computer system in order to test the system's resistance to attack.
Penetration tests can be carried out on an external network address range, web site addresses, internal servers and network devices, or a combination of any of these.
The basic stages of a Dionach penetration test are:
This independent security vulnerability assessment is carried out either from our penetration test laboratory in Oxford and/or on client site. Our penetration testing consultants share a range of specialist skills and employ both manual techniques and the use of commercial, non-commercial and in-house developed tools to ensure that the test is comprehensive. The skills and tools are continually reviewed and updated to ensure that Dionach keep on top of the ever-evolving threats.
The penetration test mimics how a real intruder may attempt to compromise the system and is an offensive rather than defensive security measure, and so is the best way to determine how secure your network is in reality.
We provide a comprehensive report split into two parts.
A non-technical summary for senior management that identifies the main security issues and provides strategic recommendations for resolution and prevention of future.
A detailed description of all issues found by the penetration test, possible ramifications of the issues identified, and recommendations to rectify them. Security issues are listed in relevant categories with potential dangers scaled by urgency, from severe threats to general observations.
As a Dionach Penetration Test is independent, it is an objective assessment of your information security, and so is more likely to identify security weaknesses than if performed by those who are responsible for the security.
The test will highlight any serious weaknesses in your network before a real hacker exploits them.
You will know what external services are publicly available at a point in time and you can act to remove unnecessary services.
The report creates management and board awareness of security weaknesses and improvements, and can be used to justify the security budget.
Follow up tests can verify the impact of a security program and justify the expense.
Regular scheduled tests ensure that your network is not compromised by changes in network services and new vulnerabilities.
The test will determine your ability to detect and respond to security incidents, and so improve your detection and response effectiveness for the future.
Positive results provide confidence in the security of the network infrastructure.
Testing is typically carried out on a quarterly, six-monthly or annual basis. A test can take from a few days to two weeks to carry out depending upon the brief.
© Copyright 2017 Dionach