|
Internet-Based Attack and Penetration Tests
This is an audit service intended to detect potential known security vulnerabilities in corporate resources (web applications, ftp, e-mail, web, firewall, etc.) before attackers can discover them. The test employs various scanning tools as well as manual tests. The main steps for a penetration test are:
1. Exploration Phase
Using active and passive methods, detailed data is collected about systems in the scope. Generally a network map is prepared and information is gathered on access methods and rules, IP addresses, existing systems, and port activities.
2- Automatic Security Scanning
This phase performed by utilizing the suitable automatic tools to detect security vulnerabilities.
3- Manual Check Phase
BizNet experts conduct a detailed analysis on security vulnerabilities detected during the automatic searches. This phase is particularly important for allowing reports to reflect the best and most reliable results.
In order to detect gaps that probably escaped detection during automatic scanning, our experts use different manual methods, custom scanning tools and scripts to conduct a more advanced check.
4- Reporting
In this phase results are presented together with technical details in an accurate and easy to understand report. These reports contain information on risk levels and remediation guidelines prepared both for executive and technical staff, either in Turkish or English.
5- Verification Phase
This phase consists of security scanning conducted after the elimination of security gaps by the company upon receiving the reports. This phase only verifies that the security vulnerabilities detected during the initial phase have been removed from the system.
|
Site Map
