Penetration Testing

Customizable approach

CyberDefcon provides Penetration Testing as part of a comprehensive suite of audit tools designed to rigorously test your infrastructure. Whether it's a private network or a public-facing application, we identify vulnerabilities and weaknesses both at system and procedural level. That is, we not only locate vulnerabilities in your software but also in the procedures of the people administrating the infrastructure.

What's more, with a wealth of experience combating cybercrime at all levels, we're able to test from the point-of-view of real hackers.

The process

The process is customizable to fit the needs of your organization and consists of 3 main elements:

  1. System assessment
  2. Testing via a mixture of automated and manual processes
  3. Reporting of results in an easy-to-understand format

We perform testing with varying levels of knowledge of your infrastructure beforehand - full disclosure, partial disclosure and blind - to assess what role obscurity plays in your existing setup.

Intruders are increasingly playing the "long con" to extrude vital data from organizations over sustained periods of time. As a result, compliance officers are being left accountable for intrusions long after they've moved on to a new organization. Why take that risk?

We offer both community and commercial services. Get in touch to find out how we can help you today.

Note: Penetration Testing is a standalone service but is recommended to be used alongside Application Testing when rolling out web-based software on large scale deployments. This ensures your application's code is tested beyond what can be seen through Penetration Testing.