Articles

The procedure for providing the Penetration test service

by Ovais Mirza Director, DICC

Every day, the risks associated with information security are growing.

Attackers, competitors, and simply bored teenage geeks have ever-increasing opportunities to access your critical data.

 Do you have confidence that you have sufficiently secured your information assets from internal threats or external intrusions? Would you like to make sure that everything necessary for this is done?


Information system penetration testing (pentest) is one of the most popular tools for evaluating the effectiveness of information security, which allows determining the reliable level of security of information assets in real cyber attacks , including social engineering.

Test on the penetration provided by leading standards in the field of information security as ISO 27001, RS BR IBBS-2.6-2014, PCI DSS, OWASP, OSSTMM , etc., As well as regulations FSTEC Russia.


The main goal of the new service of MAKS Company LLC is to identify vulnerabilities in the information technologies and systems you use by reproducing the possible actions of an attacker.


The procedure for providing the Penetration test service:


1. Intelligence and information gathering.
2. Network scan.
3. Determination of the perimeter of the network.
4. Determination of types and kinds of network equipment, system software support.
5. Search for vulnerabilities.
6. Analysis of the information received.
7. Description of possible attacks.
8. Attempts to exploit vulnerabilities.

9. Reporting and recommendations on elimination of identified vulnerabilities.


All methods of exploiting vulnerabilities are consistent with you. All attempts at operation will be carried out with your consent. All documents are developed in Russian.

It is allowed to use the English language in images, graphs and other graphic elements contained in documents.

The service can be performed both remotely and in your territory. Information obtained during the execution of work is confidential. Security audit Average time of service provision is 30 (thirty) business days from the date of conclusion of the contract.


Based on the results of penetration testing, you get a detailed report containing the following information:


∙ a detailed description of the vulnerabilities identified in your infrastructure, an expert assessment of their severity to ensure information security;
∙ practical recommendations for addressing the identified vulnerabilities.


Join Ethical Hacking Training of DICC to know more about Penetration Testing and how to imply it practically.

 


Sponsor Ads


About Ovais Mirza Junior   Director, DICC

2 connections, 0 recommendations, 17 honor points.
Joined APSense since, November 12th, 2015, From Delhi, India.

Created on Apr 26th 2020 03:29. Viewed 228 times.

Comments

No comment, be the first to comment.
Please sign in before you comment.