Penetration Testing

Methods and Activities 

• Black/ Grey / White Box testing 
• Static & Dynamic Code Analysis (SAST & DAST)
• Vulnerability analysis
• Traffic interception and analysis
• Network and local attacks & manipulations
• Password brute force tests
• Reverse engineering
• Social engineering
• Phishing
• Exploit development
• Reporting

Penetration Testing Services 

• Web services and web application penetration tests 
• Network perimeter penetration test, including wireless networks
• Penetrating a client-server system, desktop, or mobile application
• Penetration test according to PCI DSS
• Assessment of resistance to multi-layered attacks
• Physical security system penetration tests
• Password policy security assessment
• Industrial IT environment penetration test
• Insider penetration test
• Assessment of anti-DDoS solution efficiency / stress test
• Endpoint targeted pentesting

Network Infrastructure Testing

Assess the level of protection of your data assets. Infopulse security experts leverage the Penetration Testing Execution Standard (PTES) to simulate real-world attacks and identify potential weaknesses and breaches within your network infrastructure.

• External networks
• Internal networks
• Wireless networks

Application Penetration Testing

Verify the reliability of your business applications. Guided by the Open Web Application Security Project (OWASP), our specialists assess the backend logic of your solutions, their source code, and APIs to detect vulnerabilities:

• Web applications
• Mobile applications
• API & web services
• Source code review (SAST & DAST)
• Client-server systems

Social Engineering

Eliminate human-related risks by defining your employees’ susceptibility to social engineering technologies. We test their knowledge of corporate security policies and general cybersecurity awareness with a combination of simulated attacks.

• Phishing tests
• Physical honeypots

Embedded Device Penetration Testing

Protect your smart devices and related systems by testing their security strength. We help you detect insecure elements, compromised communication channels and protocols, vulnerable hardware, and more, providing an actionable remediation plan.

• Supervisory Control & Data Acquisition (SCADA)
• Automated process control system
• IoT and Internet-aware devices

Vulnerability Assessment

Receive a comprehensive report on your systems weaknesses and security issues within just a few days. Infopulse conducts an automated scanning and analysis to identify vulnerabilities and advise on the remediation measures you can take to avoid unauthorized access and prevent breaches.

Red Teaming (Simulated Targeted Attacks)

Leverage a tailored approach to penetration testing services for maximum efficiency. Our experts design a custom testing scenario based on defined business-critical assets to best emulate the threats your organization may face. The Red Teaming methodology includes complex simulated activities, such as covert visibility, social engineering, and a mix of cyber-physical attacks.

Purple Teaming

  Enhance your organization's security detection and visibility by implementing pentest and Red Teaming results into your SOC. Based on the rigorous assessment results, we provide you with a list of recommended actions to help elevate your SOC, such as use case development, equipment configuration, altering security policies, etc. These changes may be performed by the Infopulse team as part of our Managed SOC service or conducted as a separate activity for your SOC.  

Penetration Testing for Remote Workstations

Adapt to the new norm without sacrificing your defense. Infopulse team conducts targeted testing of corporate endpoints/workstations to assess their resilience to hacking VPN connections, misuse of embedded credentials and certificates, unsanctioned use of software, etc. We help you establish secure and efficient remote work of your organization with all-round penetration testing services.