The procedure for providing the Penetration test service
by Ovais Mirza Director, DICCEvery day, the risks associated with information
security are growing.
Attackers, competitors, and simply bored
teenage geeks have ever-increasing opportunities to access your critical data.
Do you have confidence that you have
sufficiently secured your information assets from internal threats or external
intrusions? Would you like to make sure that everything necessary for this
is done?
Information system penetration testing (pentest) is
one of the most popular tools for evaluating the effectiveness of information security,
which allows determining the reliable level of security of information assets
in real cyber attacks , including social engineering.
Test on the
penetration provided by leading standards in the field of information
security as ISO 27001, RS BR IBBS-2.6-2014, PCI DSS, OWASP, OSSTMM , etc.,
As well as regulations FSTEC Russia.
The main goal of the new service of MAKS Company
LLC is to identify vulnerabilities in the information technologies and
systems you use by reproducing the possible actions of an attacker.
The procedure for providing the Penetration test
service:
1. Intelligence and information gathering.
2. Network scan.
3. Determination of the perimeter of the network.
4. Determination of types and kinds of
network equipment, system software support.
5. Search for vulnerabilities.
6. Analysis of the information received.
7. Description of possible attacks.
8. Attempts to exploit vulnerabilities.
9. Reporting and recommendations on elimination of
identified vulnerabilities.
All methods of exploiting vulnerabilities are
consistent with you. All attempts at operation will be carried out with your
consent. All documents are developed in Russian.
It is allowed to use the English language in
images, graphs and other graphic elements contained in documents.
The service can be performed both remotely and in
your territory. Information obtained during the execution of work is
confidential. Security audit Average time of service provision is 30
(thirty) business days from the date of conclusion of the contract.
Based on the results of penetration testing, you
get a detailed report containing the following information:
∙ a detailed description of the vulnerabilities
identified in your infrastructure, an expert assessment of their severity to
ensure information security;
∙ practical recommendations for addressing the
identified vulnerabilities.
Join Ethical Hacking Training of DICC to know more about Penetration Testing and how to imply it practically.
Sponsor Ads
Created on Apr 26th 2020 03:29. Viewed 324 times.