Penetration Testing

Penetration Testing will simulate a threat actor on a predefined scenario regarding his standpoint and level of knowledge towards the target systems/networks.
Typically, the attack simulation is performed either from the internet towards the external perimeter of the target or from the internal network that effectively simulates a malicious employee, vendor or even an already compromised system that is used as a foothold by the attacker.

The approach is goal oriented and aims to demonstrate the maximum impact of a successful cyber attack that could allow a third party to obtain unauthorized access to the data served by the target systems with respect to the confidentiality, integrity and availability of the latter.

The objectives of a Penetration Testing are:

• Discover and exploit security weaknesses on the target networks/systems
• Identify synergies among the exploited weaknesses aiming to amplify the impact of the attack
• Identify the level of technical risk associated with these weaknesses
• Recommend countermeasures to negate these weaknesses or reduce the associated risk to an acceptable level

The Penetration Testing is conducted using industry-leading tools and manual penetration testing techniques that aim to identify and exploit both known and unknown software flaws, misconfigurations and operational/control weaknesses while focusing on an in-depth coverage.