Technical Penetration Testing
Technical penetration tests are designed to test the technologies in place in an organization. Technical penetration tests can be conducted in two ways:
White Hat: White hat tests, also referred to as “open,” are performed with full knowledge of the target company’s IT department. Information is shared with the tester such as network diagrams, IP addresses, and system configurations. The white hat approach tests the security of the underlying technology.
Black Hat: Black hat tests, also referred to as “blind,” closely represent a hacker attempting to gain unauthorized access to a system. The IT department is not aware a test is being performed and the tester is not provided detailed information about the target environment. The black hat method of penetration testing evaluates both the underlying technology and the people and processes in place to identify and block a real world attack.
About Technical Penetration Testing
A-LIGN offers the following technical penetration testing services:
- Network layer testing: This includes testing of network devices such as servers, firewalls, routers and switches in order to identify security weaknesses such as unpatched systems, default passwords, and mis-configured devices.
- Web application testing: This includes testing the web application’s authentication mechanisms, input screens, functionality, and user roles to identify the weaknesses inherent in the development of the application. Additionally, A-LIGN tests for common vulnerabilities, such as those published by OWASP and SANS Top 20, as well as those unique to your web application.
- Wireless Network Testing: This includes the identification of wireless access points, components that can be discovered and connected to, and potential vulnerabilities in the network. A-LIGN then locate access points, map the environment to identify vulnerabilities and then attempt to exploit the vulnerabilities.
Penetration Testing Solutions Tailored to Your Company
Choosing A-LIGN as your partner in becoming penetration tested certified benefits your organization by:
- Alerting your organization of serious findings as they are discovered so that your organization can begin remediation efforts.
- Utilizing manual techniques, custom scripts and advanced techniques to ensure system security.
- Providing your organization with an experienced team that holds certifications such as CEH, CPT, CISSP, CISA, eCPPT and more.
The A-LIGN Edge
Our customized compliance solutions and streamlined audit process allow you to meet all of your audit and compliance needs with a single service provider. One-stop shopping means a stress-free audit process for you, as you work with one team who understands the unique needs of your organization. See what our clients have to say: