Penetration Testing Services as Advanced Diagnostics of Cyber Threats
Penetration testing (pentesting, ethical hacking, “white hat” hacking) helps to assess the security of your company’s information systems, reduce business risks and enhance protection against professional hacking attacks.
During the penetration testing, Infopulse simulates actions of cyber criminals to check the possibility of the following threats: unauthorized access, sensitive data theft, Denial of Service (DDoS) attacks, service disruptions, technical vulnerability exploitation, employee deception, physical penetration and other security issues. Our service package ensures that our customers achieve an economically effective risk management by reaching a proper level of resistance against cyber threats.
Penetration Testing Facts & Figures:
- 15+ years of experience in cybersecurity;
- Certified professionals: (ISC)2: CISSP, SSCP; ISACA: CISA, CISM, CRISC; EC Council: CEH; The Business Continuity Institute: CBCI; ITIL: Experts; PCI SSC PCIP and others.
- Infopulse Quality and Security Unified Business Management System is certified to meet international standards: ISO 9001:2015, ISO 27001:2013, PAS 99, ISAE 3402 type II, and ISO 14001:2015.
- In addition, we use the following security standards and regulations: ISF SoGP, NIST, BS25999, SOX, PCI DSS, and others.
Selected Tools & Technologies used:
- Acunetix, Aircrack-ng, BeEF, Burp Suite, Cain & Abel, Colasoft Packet Builder, DNSstuff, Fiddler, Firebug, hping, Hydra, ike-scan, JMeter, John the Ripper, Kali Linux, Kismet, MBSA, netcat, Nikto, OpenVAS, Paterva Maltego, pstools, Rapid7 NeXpose and Metasploit, SAINT, Shodan, Smtpmap/Smptscan, socat, Social Engineering Toolkit, sqlmap, Tenable Nessus, Wikto, Wireshark, Wpscan, Xenotix, Zed Attack Proxy and others.
- Best cybersecurity assessment methodologies and frameworks: ISECOM OSSTMM3, NIST SP800-115, PTES, OWASP, etc.
Selected Penetration Testing Services
Whether you need the full-scale network and infrastructure manual penetration testing, or a quick scanning of selected systems, Infopulse is your business partner of choice. Penetration testing can be adjusted to suit your specific requirements or situation and focus on particular domains of your company’s application security, business infrastructure, and staff.
- Black-, grey- and white-box website penetration tests;
- Network perimeter penetration test, including wireless networks;
- Mobile application penetration test;
- Assessment of resistance to multi-layered attacks;
- Social engineering penetration testing;
- Password policies security assessment;
- Industrial IT environment penetration test (Industry 4.0, SCADA, etc.);
- Insider penetration test;
- Assessment of Anti-DDoS solution efficiency;
- Web application stress test and others;
- Checking your employees’ response in case of security incidents.
Related Client Cases
ING Bank Ukraine: security consulting complex project – black and white box penetration testing, vulnerability assessment and infrastructure configuration weak spots, recommendations on improvements to security and risks mitigations.
EU company, a former HP subsidiary: security audit across administrative, logical and physical security domains to satisfy strict security requirements.
EVRY, a large Nordic IT services provider: web security assessment according to OWASP methodology of the large online portal for a big Scandinavian company.
European B2B digital services provider: preliminary vulnerability assessment and manual penetration testing of 3 external websites. Testing was conducted against the supporting environment such as servers and network devices. Infopulse identified a number of vulnerabilities across networks and IP addresses and developed a vulnerability mitigation plan.