Penetration Testing Services
Internal/External Penetration Testing
A penetration test is a method of evaluating the security of a computer system, network or application by simulating an attack by a malicious hacker. The process involves an active analysis of the system for any weaknesses, technical flaws or vulnerabilities. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Penetration testing can be performed outside the external security perimeter or internal to the external security perimeter.
What can penetration testing do for you?
Penetration testing helps an organization to realistically evaluate the strength of its security management program and identifies the areas for improvement in people, processes and technology that are necessary to keep hackers and thieves from gaining access to, modifying or destroying confidential information. ControlCase's Penetration Testing services help our clients improve their security management program more rapidly and cost effectively.
ControlCase Penetration Testing Services
ControlCase Penetration Testing Services are flexible and can be tailored to meet specific client requirements. Our overall methodology is modeled after the Open Source Security Testing Methodology Manual (OSSTMM), an open standard that is a peer-reviewed, comprehensive security testing methodology besides a tried and tested method of security assessment.
The scope of our testing addresses: computer and telecommunications networks; information data controls; wireless devices; mobile devices; security processes; fraud; security awareness levels; social engineering control levels; physical security access controls; and physical locations.
All security issues that are identified are presented to the client together with an assessment of impact and recommendations for mitigation or a technical solution.
ControlCase Penetration Testing Services can be performed as a standalone service or can be bundled with other ControlCase Managed Compliance Services as desired.
Penetration tests can be a one-time project or can be scheduled to occur multiple times a year on a routine cycle. Each test is preceded by confirmation from our MCS team regarding the scope of the test.