An introduction to penetration testing  
Portcullis penetration test and  
security testing services  
 An Introduction to Penetration Testing and Security Test Services Contact Us Front Page
 

An Introduction to Penetration Testing

There is no disputing the facts... the number if hacking and intrusion incidents is increasing year in year as technology rolls out. Equally, there is no hiding place, you can be found through a variety of means: DNS, Name Server Lookup, NSlookup, Newsgroups, web site trawling, e-mail properties and so on.

Whether the motivation is financial gain, espionage, political, intellectual challenge, or simply trouble making, you may be exposed to a variety of intruder threats.

For these reasons, professional penetration services are growing in popularity. Organizations are increasingly aware that controlled security vulnerability testing is a major element in identifying exposures, and ensuring that they are not exploited by a hostile party.

The objective of penetration testing is of course to investigate the system from the attacker’s perspective. The primary aim is to identify exposures and risk before seeking a solution. This web site is intended to offer greater understanding of this practise, and introduce a recognised and trusted service.

IP PENETRATION TESTING

 

DIAL-IN TESTING


Two types of IP Penetration Tests are available - Evidential testing and testing performed under the CHECK scheme.

The latter tends to be employed for those who consider themselves to be potentially greater targets for hostile parties, and is far more structured and comprehensive than the former.

 


Many organisations rely on dial-in systems, perhaps for travelling personnel, engineers or even small office contact. Some also use dial-out for internet access.

Dial-in covers both these systems, and embraces a number of distinct tests (including modem testing and wardialling).

INTERNAL TESTING

 

BESPOKE TESTING


Despite the meteoric rise of hackers in the public consciousness and the very real increase in the number of external attacks on company’s websites and internet connections, reputable authorities such as the National Audit Office still maintain that internal attacks are much more common.

 


For some customers, additional services are necessary. In addition, some attacks cannot be included in a penetration test for legal reasons. If a client has a specific security testing requirement, it is usually possible to identify a solution.

NOTE: All the above tests can be performed as a White Paper Analysis paper analysis instead of a 'hands-on' assessment.



penetration-testing
The Portcullis Penetration Testing Service

Our Penetration Test Team has been in existence for around fifteen years and includes some of the most highly respected engineers and technicians in the industry. They also participate in a continuous training programme as is required by the ISO 9001 standard.



penetration-testing
Further Information

We hope that this web site has been of substantial use. If, however, you need any further assistance or information on penetration testing or intrusion detection, or have any comments on this issue, please contact us




Useful links:
CESG, DSTL
ISO 17799
Information Security Policies, Others
DR / Business Continuity  



HOME ~ WEBLINKS ~ CONTACTS

Copyright © 2004   The Penetration Testing Group    
ISO 17799 and Gateway Listed