Services Portfolio

 Security planning
 Security analysis
  IS security assessment
  Penetration testing
  Threat & risk assessment
  Application security assessment
  Security architecture design
 Other services

Penetration testing

Penetration test is a method of evaluating the security of information systems or networks by simulating an attack of a malicious hacker. The process of penetration test involves an active analysis of the system for any weaknesses, security flaws or vulnerabilities. This analysis is carried out from the perspective of a potential attacker and often involves active exploitation of security vulnerabilities.

The methodology of penetration testing used at ITSEC Asia combines black box (no knowledge of the target system) and white box approach (partial knowledge of the system). As in every ITSEC consulting service, during penetration test project we focus on knowledge exchange with our client. Together with a project�s final report we deliver number of presentations to executives, management and technical team accompanied by comprehensive training which guarantees thorough understanding of methods used during the penetration testing and ensures perfect understanding of prepared recommendations. Our methodology ensures rapid implementation of recommended changes and provides immediate security improvement. Penetration tests also boost security interest among client�s personnel which in long term has an exceptionally beneficial effect on the overall security of client�s information systems. During penetration test we also use a combination of industry standard security tools as well as self developed proprietary tools and techniques.

All identified security weakness and vulnerabilities will be presented to the client with a risk assessment and recommendation for risk mitigation method. For each finding we also explain and rate risk involved, explain and rate the complexity of implementation of our recommendations.

Penetration testing is definitely our most popular service and is often delivered to our clients on regular basis. Key benefits mentioned by our clients include:
  • Identifies most critical security weakness to be solved immediately, thus preventing damage to the organisation;
  • Most efficient awareness increasing tool;
  • Practical security review of implemented security measures;
  • Allows better understanding of risks and impact of vulnerabilities;
  • ROI thanks to optimised security measures, identification of high risk areas and improvement of security procedures; secure information infrastructure is also cheaper to maintain.
If you�d like to learn more about this service please click button below to request a presentation or leave a message to our sales personnel.

Copyright � 2004-2013 ITSEC Asia. All rights reserved.