RocketTheme Joomla Templates
     
Home Services Penetration Testing
What is a Penetration Test?

It’s a systematic check of your Information Security systems, controls, protocols and procedures. We rigorously test the systems that you put in place to protect your business.

Simply put, we’ll attempt to professionally hack your systems.


But a thorough assessment doesn’t end there, Information Security penetration testing doesn’t end at the external electronic perimeters of your company firewall.  It must also challenge the physical boundaries of your business including building security and staff responses to a security breach.

Then we deliver a comprehensive report detailing the strengths and weaknesses of your protection from physical and electronic intrusion.

Why should you use a Penetration Test?

 Securm Limited
There are lots of reasons to test the security of your network.  It may be to comply with your regulators such as the Financial Services Authority, or you may wish to hold yourself to the highest international standards.
  • If you have installed a new computing system, you’ll want us to test its vulnerability.
  • If you’ve installed a new alarm system in your office, you may need to test its effectiveness before its first real world test.
  • If you’re about to make a number of people redundant, you may wish to test that they don’t have access to anything sensitive.
In brief, whenever you need reassurance that you’re protected, Securm will test your systems, review your options and advise you on response implementation.

The most common type of Penetration Test is the Website Test. Generally speaking, our clients want to test their vulnerability after making changes to their website.  Our test reveals any potential for exploitation.

What do I get from a Penetration test?

Securm advise that a full, professional Penetration Test should include the following as minimum best practice:

Technical report – Written in the language of your technical staff.  It details all technical findings from missing patches to potentially exploitable vulnerabilities.  Your staff can use this report to immediately implement changes.

Executive report – Written in plain Boardroom English.  It details the findings of the test in clear and concise language.  It outlines that risk of each vulnerability against the ease of potential exploitation.

Methodology – Explains what tests will be carried out. Details when and what the results were.

Electronic Audit Logs – Access to the test logs if you wish for a second opinion.

Audio and video logs – Evidence of physical security breaches.

Team Reports – Explains what each tester did and what the outcome was.

Finally, you should have meeting with the Testing Manager to discuss all aspects of the testing and present the report to your Board and technical staff.  They will also answer any questions about the test.

What assurances should testers provide?

All testers should provide the following as a minimum standard:

  • References from two previous clients
  • Proof of Insurance
  • Contract
  • Non Disclosure Agreement (approved by your legal team)
  • Details of Testing Methodology

What’s next?

 

Test your perimeter before someone else does!

Call us Now on 0800 612 4074 or via our Contacts Page

 

 
 

Our Clients

Please update your Flash Player to view content.

Our Services

Risk Management
Our highly trained consultants can give your ISMS an overhaul in preparation for an FSA visit or if you are held to other standards, such as ISO27001, we can also check that your data is adequately protected in line with your business needs.


Business Continuity
The last thing that any successful business needs is to loose is its trading systems… for any amount of time. The FSA has realised this and has recently added this as a requirement to protect your investors’ money. If you don’t have a Business Continuity Plan then now is the time to get one.


Penetration Testing
A penetration test is a way to Externally Audit your company from a Criminals perspective. Through the art of Deception and online hacking, Securm will audit both your staff responses (Social Engineering) and your Electronic Footprint (Ethical Hacking).


Training
Our well motivated staff will train your staff in your new ISMS or BCP. If you just need basic security training, we can take your staff through the basics and bring them up to speed, thus ensuring the weakest link becomes the strongest link.


Data Destruction
Send Securm your old data, in any form, and we will securely destroy it. Any type of data destruction undertaken, hard drives, paper documents, backup tapes, old hardware (Routers, Firewalls). We will then dispose of the waste along with Government WEEE directives.