Site Requires

Security Penetration Testing

A penetration test is a coordinated simulation of an attack onto your network, performed by trusted consultants, using the same techniques that hackers use. Penetration tests are the best way to evaluate in detail all the potential threats that your organization faces. By performing a well planned attack simulation, our security consultants will discover flaws which would not have been otherwise seen.

There is a number of reasons why organizations would want to carry out penetration testing, among which is identifying vulnerable systems within the organization, providing assurance to customers and business partners that their sensitive information is secure or even using the results of penetration testing to persuade management to invest in information security technology.

Alkan CIT security specialists use a wide variety of tools to perform internal/external penetration testing yet the methodology depends on the scope of the testing, the size of the organization, the type of networks and operating systems being tested, the type of services and vulnerabilities found. Penetration testing can be broken down into four broad phases:

  • Foot Printing: Determining the subnets and specific hosts within the organization that will be targeted. Are you going to footprint an entire organization or are you going to limit your activities to certain hosts?
  • Host Enumeration: Once the range of hosts have been identified it will be necessary to enumerate hosts that are live and listening on the network
  • Vulnerability Scanning: Determining the specific services (ports) that are available on the hosts identified in the previous phase and document all known attacks these services may be exposed to
  • Penetration Testing: Running exploitation tools against selected hosts in order to identify possible vulnerabilities that may be exploitable using common Hacker methods