Why would I want to launch an attack against my organization ?
To highlight the security vulnerabilities of the applications you use daily, which can be entry points for hackers.
How does the intrusion test work ?
Our experts carry out manual audits of your applications. Each audit is different and tailor-made according to your needs. These are not automated vulnerability scans, our experts will track down the security vulnerabilities of your application system one by one.
For what result ?
The penetration test highlights the security vulnerabilities of your IS and your organization. This procedure identifies all vulnerabilities that can be exploited by a malicious hacker in order to fix them before they get exploited.
How does a penetration test work ?
4 complementary steps
to set up
Our experts help you determine the tests to set up in your organization according to your procedures and needs. It can be a test on your internal networks, your applications or your infrastructure.
To launch a Pentest, our experts must determine an intrusion test approach. This consists in giving more or less extensive access rights to the ethical hacker.
Security vulnerabilities that can be exploited by a real hacker are highlighted for you. All the vulnerabilities identified by our hackers are really exploitable by a malicious hacker.
To go further than a vulnerability report, our experts will provide a real summary of the vulnerabilities detected but also the countermeasures for each of them.
Choosing the penetration test "mode"
Different types of penetration tests exist and differ by the rights you give, or not, to the pentesters. Our team helps you determine the most appropriate choice according to your situation, among the 3 following existing pentest modes:
Audit in black box mode
Black Box Pentest
Like a real hacker who has no access rights to your systems, our pentesters will also have no access and will attack your organization under the same conditions as an external malicious hacker.
Audit in grey box mode
Grey Box Pentest
Our Pentester will have access to some information about your systems, as an employee of your organization would have, via internal access, for example.
Audit in white box mode
White Box Pentest
Our Pentester will have access to all key information and will work with your employees as a team to identify as many vulnerabilities as possible. For example, he will have access to the code of your applications, sites or APIs.
Understanding the differences between Black Box vs Grey Box
Delivery of your intrusion test report
To conclude the Pentest, you will receive a complete and synthetic penetration test report that can be understood by all (not only the technical teams but also the rest of the staff). You will find there :
The advantages of Ziwit Consultancy Services reports :