What is Penetration Testing?
A penetration test is an assessment designed to find weaknesses and vulnerabilities in your company’s defences. A pen test exploits authentication issues, cross-site scripting problems, source code flaws, logic flaws, and insecure network configurations. It is a test of all of the software and technical infrastructure that keeps your computer systems up and running.
Penetrating testing is your protection against the latest threats, tools, and techniques of criminal hackers. A pentest explores the vulnerabilities and weaknesses in your business’s defences and highlights what action your business needs to take, to protect against the identified threats.
We are a CREST accredited company that employs Offensive Security Certified Professionals (OSCP), also known as ethical hackers. Under a defined scope set out with your company, our hackers systematically infiltrate your systems to find weaknesses in your defence plan and expose vulnerabilities.
Frequently Asked Questions
Penetration testing uses the procedures, techniques, and tools of a genuine criminal hacker to gain access to your systems and data. Hacking methods include brute force, SQL injection, phishing (email attempts to get employees to reveal sensitive data), and vishing (telephone attempts to get employees to reveal sensitive data), with the intent to steal data or deploy custom malware.
Every organisation needs a pen test at least once per year, but more frequently during changes, mergers, customer app-development, and during new service or product launches.
The cost of a pen test depends on the scope of the test agreed and its stated objective. You can contact OmniCyber Security to receive a custom quote for your business.
Automated security testing of your computer systems is known as a vulnerability scan. This technique uses automated tools to search for vulnerabilities that are already known.
Penetration testing should be carried out by a CREST accredited company that uses ethical hackers who are Offensive Security Certified Professionals (OSCP).
There are many factors that dictate how long a penetration test will take. These factors include whether there is an internal test, external test, the scope of the test, the network size, and whether or not the network credentials and company information is shared.
All businesses should have an annual pen test, as well as a pen test during/after any major change to the company network.
The methodology of a penetration test is to first gain access to your computer network and to then move across the system to attempt to gain higher-level privileges.
Remote penetration testing is carried out during an external test but this alone will not test the security of your wireless or internal network.
Penetration testing will not affect or have a very minimal effect on the day-to-day operations of your business.
A pen test report is a customised report that details the weaknesses and risks of your computer systems and networks. A penetration test report will also outline the remedies for the security risks that have been identified.
*T&Cs apply. OmniCyber team require a telephone conversation and a copy of a written quote.