Network Penetration Testing

In order to assess the overall IT security posture of your company, why not test your defences against a group of experienced security professionals (ethical hackers)? How would your employees react to a potential breach? Would they even realize a security incident is taking place? A network penetration test intends to answer these questions and entails a strictly defined scope, the utmost confidentiality and a real-world scenario whereby our team will actually try to penetrate your network and enumerate any vectors a potential attacker may use to gain unauthorized access to your infrastructure. The aim of this service is to imitate a malicious attacker in various situations – for example, an anonymous party, or a malicious insider with limited access to internal infrastructure (an employee). The exact scope and situation vary from client to client.

dots. employs a team of IT security specialists and ethical hackers (CEH, OSCP, GPEN, CISA, CISM, CISSP) who are experienced in both gaining access in unintended ways, as well as mitigating any potential security issues. The main goal of a network penetration test is to identify as many vectors as possible whereby a malicious party may gain unauthorized access to the company’s infrastructure. This kind of testing incorporates methods and techniques employed by black hat hackers; however, unlike black hat hackers, our team will identify several possible vectors of attack and document them clearly for mitigation purposes. At the end of the project, the client will receive a report with clearly described steps and techniques employed to bypass the security mechanisms and systems of the organization, as well as recommendations that would help avert such attacks.

The scope of an IT penetration testing is to simulate an actual attack against the company’s infrastructure, thus identifying any vulnerabilities or misconfigurations which could be leveraged to access the company’s infrastructure in an unintended manner.

• A practical test of the company’s overall, actual security posture.
• Identification of vulnerabilities and possible vectors of attack.
• Recommendations for risk mitigation.
• Recommendations on system hardening.
• Improved knowledge of IT security for employees.
• A plan of action to eliminate vectors of attack.