For full functionality of this site it is necessary to enable JavaScript. Here are the instructions how to enable JavaScript in your web browser.

Close

Not a member yet? Register now and get started.

lock and key

Sign in to your account.

Account Login

Penetration Testing

Custodis-IT understands that right now nearly every network is vulnerable because we have uncovered potentially disastrous vulnerabilities in virtually every network we have tested. In almost every case, these critical vulnerabilities were missed by previous penetration tests performed by third parties. There are several approaches to doing an independent penetration test:

  • Capture the flag
    The test is targeted at compromising a specific resource – whether it’s reading the CEO’s e-mail account, gaining access to a database, or creating a bogus file, this type of pentest allows for a very focused approach to discovering and exploiting the existing vulnerability in a way that best demonstrates the vulnerability (or invulnerability) of a critical information system or a key resource for the organization
  • Blackbox testing
    This method assumes absolutely no prior knowledge of the tested system by the pentest team – they have to use all their skills, determination and creativity to find as many weak points in the organization’s cyber defense, and exploit these weak points. This is one of the most useful types of testing, because it makes for an excellent “real-life” scenario, helping discover a wider range of weaknesses and security problems
  • Graybox testing
    Typically, in a graybox testing scenario, the pentest team would receive prior information on the network design, the components and applications that are used across the target network/system. This may occasionally save some time and allow the team to focus on vulnerability research and on building exploits

At Custodis-IT, we find the vulnerabilities because our team of security experts knows that hidden doorways for criminals are potentially lethal for any enterprise. And this is why we are committed to finding these doors and closing them. Examples of areas that are commonly tested are:

• Off-the-shelf products (operating systems, applications, databases, networking equipment etc.)
• Bespoke development (dynamic web sites, in-house applications etc.)
• Telephony (war-dialling, remote access etc.)
• Wireless (WIFI, Bluetooth, IR, GSM, RFID etc.)
• Personnel (screening process, social engineering etc.)
• Physical (access controls, dumpster diving etc.)

Custodis-IT delivers:

  • Comprehensive Assessments – minimize risk and improve overall security by proactively assessing vulnerabilities using real-world exploit code and techniques. Evaluate the potential of systems to be subverted through hacking and malware schemes in the same manner that attackers employ.
  • Data Analysis – identify whether or not security solutions and systems defense mechanisms can indeed be circumvented by attacks. Prioritize remediation work by differentiating critical security issues that require immediate attention from those that pose lesser risks.
  • Actionable Reporting – ranked remediation recommendations of compromised assets with detailed, contextual remedies for each.

For more information CONTACT US today or call +31 (0)365 389 322.