As required by control A.18.2.3, an organization should conduct periodic reviews of technical compliance, in other words, make sure that systems are protected as described in the policies.
What better way to make sure your web site, portal or application (and the data that is stored in them) are safe, than to ask an actual hacker to try to break in?
Your server, web site or web application will undergo a proper wash down, using known vulnerabilities and lesser known hacking techniques. Common vulnerability scanners may be used as a starting point, but an ethical hacker has the proper knowledge to interpret the results and go several steps further.
Penetration tests exist in three flavors:
- Black box: The ethical hacker has no or a little knowledge about the system to be scanned. Usually just a URL and the name of the company. This allows the test to take place without any prejudice.
- Gray box: The hacker is provided with extra information, usually credentials so he/she can log in and go deeper into the software. This can be a starting point to see if user privileges can be escalated in any way.
- White box: The hacker is provided with as much information as possible, such as used technology, architecture diagrams or even insight in source code. This will help him/her finding possible weak spots beforehand and may even reduce the effort needed to produce usable results.
Together with our partner PuraSec we are excited to be able to offer the following package to get you started:
- A check-up regarding the security of any online environment such as a web application, platform or network
- The pentest is executed by a team of experienced ethical hackers, using the most effective combination of black box, gray box and white box testing
- Next to a scan for common vulnerabilities (as detailed in OWASP top 10) they will determine whether its possible to expose unwanted functionality or information
- The pentest has a lead time of one week, including the creation of an extremely readable management summary of the findings and recommendations
- The results will be discussed with you in person
Prices start at € 3.850, contact us for more information!
Depending on your location, local taxes may apply (read more).