Bearing in mind that the most optimistic statistics of source code say that each 1000 code lines may contain 10-15 mistakes made by programmers. Those mistakes often remain ‘open doors’ for cyber crime activity and enable them nasty code injection. Therefore, frequent external testing help to maintain high internal protection level and bring independent view on a whole security matter.
Such test are mostly used to check out actual protection of your internet application and net infrastructure. Such tests are run to simulate possible attacks and are based on specific program. The whole security state is verify in multivector way starting at net level, throughout application security and access policy. In effect, client gets a detailed report on found vulnerabilities, set solution in order to protect application and recommended solution to improve security.
Yes, they are. Before the start of testing process we verify client, sign up agreement, precise range of activities and detail its procedures. According to our work ethic it is impossible to test without previous signed agreement.
In terms of penetration tests practise individual approach to every client. There is possibility to prep ‘Blackbox’ test (gives partial view on tested system) as well as ‘Whitebox’ system (gives full view on tested system). Usual range of works include:
- SQL injection vulnerability detection
- XSS vulnerability detection
- CSRF vulnerability detection
- authorisation and authentication mechanism validation
- hardware security and configuration validation: firewall, switch, router, proxy server, marker server
- application logic validation
- encrypting mechanism validation
- source code audit
- simulated DDoS attacks https://greywizard.com/en/ddos-audits
Grey Wizard specialize in internet application protection and tackle hundred of security incidents every day. We are able to recognise methodology of cyber criminals and effectively protect our clients. Because on our work nature our team of engineers every day gain new level of knowledge which next use in practise to improve security level of your application.
If you are interested in cooperation with Grey Wizard, please fill in the contact form Our sales team will contact you soon and help you to choose best cooperation model.