Our security analysts think like hackers, but with an ethical mindset
Mission-critical systems are increasingly vulnerable to attacks that penetrate or bypass perimeter defences, as businesses continue to expand their service portfolios via more open and connected networks.
Penetration testing is one of the best ways of confirming existing vulnerabilities in your IT infrastructure. Since networks and systems are the basis of data communication, exploiting vulnerabilities in these critical assets can lead to security risks such as loss of confidentiality, service downtime and data theft.
Ourpentest activities enable you to confirm your vulnerabilities and take proactive action.
We offer three types of pentest to meet your needs
- White box testing - our analysts have no information about your IT infrastructure. In other words, they act like a hacker
- Grey box test - our analysts have some information about your IT infrastructures
- White box test - our analysts have a little more information about your IT infrastructure
Each type of test has its advantages and disadvantages. The choice of which type of test to carry out depends on our customers' objectives.
Our services
- Gather information about your company, your staff, your IT infrastructure, etc.
- Social engineering of your key personnel
- Cracking your passwords
- Hacking into your wireless network
- Test the resilience of your border devices against DoS and DDoS attacks
- Obtaining critical data
- Access your servers
- Recommend corrective controls
- Provide the report including the action plan
All the activities carried out during each intrusion test phase are based on the best practices defined and the tools recommended by theEC-COUNCIL.
- White box testing - our analysts have no information about your IT infrastructure. In other words, they act like a hacker
- Grey box test - our analysts have some information about your IT infrastructures
- White box test - our analysts have a little more information about your IT infrastructure
- Recommendations for corrective measures
- Intrusion test report
- Evidence collected
- Detecting and correcting zero-day attacks
- Improving information security within the organisation
- Compliance with standards, laws and regulations (e.g. PCI-DSS)
EN 
FR