NSI Global’s penetration testing (ethical hacking) service tests the security of your IT systems, by recognising and exploiting weaknesses. This process involves the profiling of your organisation from the perspective of its most likely threats, business processes, and technology that supports your operations.
Doing so will allow us to determine the flexibility of your environment to malicious attempts to penetrate your systems. All methodologies are based on industry best practices. We use tools similar to those used by attackers on the internet and tools that are developed in-house. We do not use scanning tools such as vulnerability assessment tools as attack scenarios are often overlooked. Types of penetration testing includes:
- White box pen testing (where the tester is provided with full network and system information),
- Black box testing (where the tester is provided with no network and system information, similar to an unprivileged user so as to simulate an authentic attack), and
- Grey box testing (where the tester is only provided limited information such as login credentials).