In penetration testing, also known as pen testing, we simulate a cyber-attack on an entity agreed with the customer with the intention of gaining access to the most critical data or system. Attacks are performed by means of both manual testing and software tools as well as making strong use of hacker-like thinking.
Penetration tests can be performed at different scales and they can be targeted, for example, in the following ways:
- The customer’s external network and its services
- The customer’s intranet and its services
- Agreed network segment and its services
- A customer’s specific service
- Guest network or wireless network
Penetration testing starts with a discovery phase, where our hackers map out the customer’s available services and the existing attack surface, looking for the most appropriate point to penetrate further. The hacker then attacks the targets using the agreed methods and thereby seeks to find his way forward towards the customer’s more critical data.
Penetration testing is well suited for organizations that wish to ensure the technical security of service entities.