Penetration Testing
Penetration testing simulates an attacker attempting to gain access to a specified target server or application. A penetration test involves the use of automated testing tools as well as manual test methods to review the security from an external or internal perspective.
External Penetration Testing
Externally facing systems are constantly at risk to attack from the Internet. Newly developed applications and servers to be deployed should all be tested prior to making them publically accessible to ensure the security of the network as a whole.
The team at Insomnia Security has years of experience in carrying out penetetration tests against externally facing network devices, servers and web applications developed on all platforms, and can assure you of a high level of security after a review has been completed.
Internal Penetration Testing
It is common knowledge that a large number of information security attacks occur from within. By allowing Insomnia to step into the role of an employee, we are able to review the network from the inside to determine the security posture of the internal network.
Usually specific targets are set, such as accounting/payroll/research systems, with the aim of gaining unauthorised access to the targets from various starting points.
Review Includes
- Attempted unauthorised access to applications, user data, services or internal network devices
- Credential brute forcing and password guessing
- Researching previously undiscovered vulnerabilities
- Testing for all known web application vulnerabilities
- Vulnerability assessment and network service review
Full service descriptions, methodologies and sample reports are available upon request
