Infrastructure penetration testing
Our certified ethical hackers take on the role of a malicious hacker and use techniques from the first four stages of MITRE ATT&CK to identify security weaknesses exposed by the infrastructure. As part of the service, an OSINT analysis is performed to obtain intelligence, an automated vulnerability analysis, a "manual" analysis, the exploitation of vulnerabilities, the identification of business risk (post-exploitation), and finally the reports.
Benefits
Prevents incidents
Regulatory compliance
Test security in a real-world scenario
Requirements
Time restrictions for scans
Black box: IP addresses or URLs
Gray box: IP addresses or URLs and standard user for servers
White box: IP addresses or URLs and administrative user for servers and other devices (firewall, switch, etc.)
Deliverables:
An executive report and a technical report from the tool in PDF format for subsequent delivery to the client. If many instances of vulnerabilities are found, an Excel list with all additional instances may be attached.