Penetration Testing

Penetration testing simulates an attacker attempting to gain access to a specified target server or application. We provide On-site and Off-site penetration testing services, which may include Black-Box, White-Box or Gray-Box approach to the given task. A penetration test involves the use of automated testing tools as well as manual test methods to review the security from an external or internal perspective.

Approach

Each of the following tests can be included or customized to meet specific security goals and requirements:

Gray-box

Full knowledge on company’s IPs, network ranges and architectures is provided before testing begins. This is a cost-efficient option, which minimizes time spent on reconnaissance and allows for more thorough assessment of the target network/application.

Black-box

No prior knowledge on the company’s IPs and network ranges. This test simulates a real-world attacker who has to study and learn about the target from public and proprietary sources. Social Engineering is optional with this approach.

White-box

Full knowledge on company’s assets and application source-code is provided before testing begins. This allows our team to immediately investigate and verify a vulnerability by examining the code, instead of trial-and-error testing.

Deliverables

Red Security will deliver, upon project completion, a detailed abd comprehensive report. All of our reports are customizable according to client’s requirements, and typically include an executive summary, detailed technical findings with screenshots and recommendations.