Ever wondered whether your network is secure against hackers ? Well we can tell you that for sure, from our certified penetration testers.
Simply Penetration test is a simulation of a hacking attempt to assess the computer systems security strength.
Penetration Test is a method of evaluating the security of a computer system or network , the process involves an active analysis of the system for any potential vulnerabilities by simulating an attack from a malicious source.
Test phases are Reconnaissance , Enumeration , Exploitation and Documentation.
What can be tested in the penetration test ?
- Servers and Workstations
- Web Server (IIS , Apache , Nginx , Lighttpd , Litespeed)
- Database Server ( Oracle , MSSQL , MySQL , cassandra )
- Domain Controller ( Active Directory )
- Network Devices ( Routers , Switches , Firewalls , IPS )
- Wireless Networks (Wi-Fi , Wi-Max )
- Applications ( Web Applications , Desktop Applications )
- Employees (Social Engineering)
Fixed Solutions Provides Several ways for the penetration testing:
- No -Knowledge (Known as : Black Box): This test assumes no prior knowledge of the infrastructure to be tested
- Partial Knowledge Test (Known as :Gray Box ): This test assumes partial knowledge of the infrastructure to be tested
- Full Knowledge Test (Known as: White Box): This test provides the testers with complete knowledge of the infrastructure to be tested, often including network diagrams, source code, and IP addressing information.
Our Information Security Standards
OSSTMM “Open SourceSecurity Testing Methodology Manual”
– Very practical approach
– Checklists of what and in which order to test
ISO 17799 / BS 7799 Standard for Information Security
– Focuses more on the policy and paper work side of security
– Extensive catalog of security controls
– Defines a standard for audits
NSA / NIST Guidelines for Network Security Testing
PCI DSS Payment Card Industry Data Security Standards
Fixed Solutions penetration testing engineers are experienced with conducting tests which address the PCI DSS quarterly vulnerability scan and annual penetration test requirements.