This is a security service where an experienced security consultant is authorised by the organisation’s owners or an authorised representative of the organisation to carry out an ethical hack in order to find weak-spots that could be exploited by hackers. The idea of this approach is to test the security of the organization from the perspective of a hacker and to assist the organisation’s IT team in tightening their security. This service follows on from a server vulnerability assessment but the consultant would go further and actually exploit vulnerability just like a hacker would do. The idea is not to cause damage but to take a snapshot of the actual security of the organisation.
Various methodologies can be chosen for this type of service. The organization may choose to use a white-box approach (conducting the test with known information, etc.) or a black box approach (conducting the test without any information from the organisation). All tests are conducted in a safe manner. Should our consultants gain access to your organisation, sadly it means hackers may have already hacked into your organisation without your knowledge.
We produce detailed reports and highlight our findings whilst making recommendations on fixing the top
priority vulnerabilities and locking down the servers.