A penetration test or ‘pentest’ is an orchestrated attack on your network and computer systems in order to discover potential weak spots, so that we can fix them.
SpotIT offers three different types of penetration test:
This test is executed from outside the organisation without any upfront knowledge except for the IP or URL of the target. We just try to find holes in the perimeter security.
This test is executed from outside the organisation with a standard login and is typically used to test online shop security. For example, we enter with a previously received standard login and then try to order something and have it paid for by another customer, or we try to view another customer’s discounts, etc.
This test is executed from inside the organisation with the full cooperation of the IT and security teams. We request administrator accounts to log into devices in order to check the configuration for security holes.
A real, manual report
For each of these tests, SpotIT uses proven IT tools in combination with the extensive knowhow of our skilled testers. This means you won’t receive just another automated report from a web-based vulnerability scanner, but a manually crafted report showing all the tests and techniques used by our skilled tester to check your security. This report will also contain recommendations for solving any security issues we find.