Home Penetration testing

Penetration testing

Penetration test or pentest is the most important step in auditing the security of enterprise information systems, it allows business owners to be sure that the company will withstand external attacks, and the main business processes will not be disrupted by the actions of criminals. Penetration testing significantly reduces the risk of loss from cybercrime.

The name pentest comes from the English phrase penetration testing. This procedure first appeared in the West. This test is now used worldwide.

In the process of penetration test, FS Group specialists check all nodes of the information system on which the normal functioning of your business depends – website, mail server, client and mobile applications.

Penetration test models

  • BlackBox

Only publicly available data on research objectives, networks and their parameters are available

  • WhiteBox

The specialist is provided with all the necessary data for a rapid penetration test

  • GreyBox

The contractor has access only to publicly available data, and also periodically requests information about the system to reduce research time or make more effective efforts

Want to know more?

Get a consultation
Application-level testing contains requirements for:
  • OWASP ASVS
  • OWASP Testing Guide
  • PCI DSS
  • NIST SP 800-115
  • ISACA Penetration testing procedure (P8)

Competences of specialists

The company’s employees received the following certificates:

  • CEH
  • CIS
  • CISSP
Types of reporting provided
  • Test plan
  • Interim information on the progress of work
  • Final report on the results

 

The final report consists of two parts, they contain:
  • information on assessing the level of security of the customer’s system with the mandatory addition of successful exploitation of vulnerabilities
  • recommendations for eliminating or minimizing the identified vulnerabilities
  • classification of all found risks

 

Information system security is one of the most important points that every entrepreneur should pay attention to. The penetration test will help to check the level of security of the system

Advantages of the penetration test
Effective attack vectors
Effective attack vectors

The most appropriate vectors are selected for the test depending on the client's requests

Work experience over 7 years
Work experience over 7 years

Extensive experience allows us to perform our duties quickly and efficiently

Support service
Support service

If a customer suddenly has a problem, they can contact our support staff to resolve it as soon as possible

Related products and services
FS PHISHING

Simulator of sending phishing emails in order to understand the probability of a successful phishing attack on the company and plan activities to increase the level of education of employees to counter phishing attacks

• Integration within the corporate network
• Development of phishing pages for your requirements
• User texts in emails
• Setting up the system for a mail server

More
FS OSINT LAB

WEB-solution that helps to verify employees and contractors on data from open and closed sources, as well as with Big Data FS Group

You get access to unique data, make it easier for employees of different departments, for example:

• purchasers
• HR
• compliance officers
• lawyers
• financiers

and among other things - you get a centralization and a single point of entry of data, which can work with different departments of the organization

More
FS IRT

Package of services for investigation, analysis and investigation of information security incidents

The minimum package includes:
• consulting with experts
• investigation of the IS incident
• comprehensive forensic examination of digital evidence
• reports on individuals / legal entities from open and closed sources
• a monthly newsletter with information about vulnerabilities actively used by hackers and recommendations for increasing the level of protection
• penetration testing
• scanning web applications and resources

More
FS MNG

Software product for detecting compromised accounts of the organization in open and closed sources

Thanks to FS MNG you can:

• identify compromised accounts, including when compromising third party resources
• prevent data leakage
• protect against the use of compromised passwords
• be informed about the leaks before it is widely covered in the media

More
FS TI

A software product that contains a list of anonymized IP addresses in the TOR, PROXY & VPN categories sold in public and in DarkNet. Allows you to identify anomalies in network traffic, application traffic and can be used in various ways

• Proactive approach to TI collection
• More information for decision making
• Earlier provision of data and thus prevention of attack
• Compatibility with most vendors' solutions
• Complementarity with other feeds

More

Like many other companies, FSG uses cookie technology on its websites to improve your user experience, as well as for the correct operation of the website.

If you agree to the use of all cookies on this site, click the Ok button. To learn more about cookie technology, its benefits and how FSG uses it, check out our Privacy Policy.