NSI’s Offensive Cyber Security Unit utilises a multi-layered approach based on industry best practice (ISO27001 to ISO27005, ASD Essential 8, ACSC), when conducting physical and cyber penetration testing.
NSI Global's Offensive Cyber Security Penetration Testing Methodology
Phase 1 – Intelligence and Planning
The first phase involves our Offensive Cyber Security Unit (OCSU) determining the logistics, scope, expectations, objectives, and goals of the services to be offered. This phase will also establish if we use a black, white, or gray box penetration testing method.
Phase 2 - Surveillance and Reconnaissance
This phase allows our team to gather detailed information about your organisation such as processes, information systems, applications, and technology utilised.
Phase 3 - Mobilisation
Once our team gains a complete understanding of the scope and components to be tested, the attack will be simulated in a controlled environment. This step is vital as the unit can determine where the limits of the test should end.
Phase 4 – Execution
The plan is now put into action. Our OSCU uses specialist methodologies and technologies to detect all types of vulnerabilities.
Phase 5 – Reporting
A comprehensive report including an executive summary will be complete. Our team will arrange a debrief with your executive and security teams.
Phase 6 - Mitigation
Recommended mitigation strategies and countermeasures will be thoroughly outlined for all exploits and vulnerabilities discovered.
Phase 7 - On-Going Review
A regular review schedule is implemented to review mitigations, countermeasures, and strategy. This ensures effectiveness of implementation, reveals arising vulnerabilities or concerns, and identifies opportunities for increased efficiency.
Industry Heavyweights and Government Departments Trust NSI Global
You can have the same peace of mind.
NSI Global has provided organisations with the intelligence they need to make informed decisions. We can arrange an appointment for a confidential discussion at our radio shielded, secure office in Sydney Olympic Park. This location is under 24 hour surveillance and has been fortified against bugging technology to ensure your privacy.