We have an expert team that can evaluate people, processes and technical gaps at the network, host, application and data layers. All testing activities are contextualised to the client’s business and risk tolerance objectives and qualified by how appropriately the environment maintains confidentiality, integrity, and availability requirements.
- Device configuration and/or control effectiveness
- Vulnerability to common security vulnerabilities and/or attack methods
- Attempts to confirm detected vulnerabilities ranging from passive to active attack vectors to limit the possibilty of any adverse effects
- Attempts to gain elevated access and/or extract sensitive information
Finding vulnerabilities relies not just on the tools but also the skills of the analysts. Using tools, we find weaknesses, evaluate their severity and make recommendations for mitigation.
Prior to any testing, we get agreement on the test objectives, coordination, logistics, safeguards and progress calls. Once complete we provide a report detailing our findings and recommendations to remediate the vulnerabilities.