Our approach to penetration and vulnerability testing
Our testing methodology includes best practices from OSSTMN, ISSAF, EC-Council, Certified Ethical Hacker (CEH) Guidelines, CEH Penetration Testing Methodologies, OWASP Top 10 2021, OSSTMM, ISSAF, WASCv2, ASVS, and CWE (Including SANS Top 25).
We use the most advanced toolsets in the market including those from Core Impact, Cobalt Strike, Nexpose, Dynatrace, and Endace.
Our detailed reports cover the vulnerabilities identified and make technical, procedural, and strategic recommendations for remediation. Reports are presented in person to explain the findings and remediation.
They also include an executive summary in business language so non-technical senior managers can understand the recommendations.
Our technical testing services can help:
- Identify vulnerabilities and provide a detailed assessment of security posture
- Obtain a holistic understanding of potential threat scenarios
- Prioritise urgent remediation
- Understand options for remediation and deliver them with certainty
We have multiple staff with each capability or certification or clearance that is required for the delivery of the services