Web and server/desktop application penetration testing
Web and server/desktop application security testing offered by dots. is carried out and documented according to the OWASP (Open Web Application Security Project) and other relevant guidelines.
Testing is done in multiple phases and usually entails the following as a minimum:
IT Infrastructure penetration and/or security testing
IT network infrastructure Penetration Testing (LAN/WAN/WLAN). Internal and/or external networks can be tested, including Wi-Fi.
Internal LAN network security testing can be also performed on premise or through VPN (we have access to network). In this scenario we can simulate potential threats, that could be performed by your employees.
Mobile application penetration testing
We can run Android & iOS platform supported application penetration testing. It is highly recommended to perform tests for mobile applications, as they are widely used and is important target to hackers.
Black-Box penetration testing - Black-Box testing can be executed on Your IT infrastructure or/and application. In this scenario our testers act as attacker from outside without any knowledgebase (except the one that is available publicly) regarding “target - victim” system.
Gray-Box penetration testing - By performing Gray-Box testing, our testers have some official information about system/environment/application. An example, full/part architecture information or access to the internal account. In this scenario we focus more how the potential threats can be exploited, if attacker has already access to your system.
White-Box penetration testing - Next level of Gray-Box testing. Tester has all information & documentation about target system, including source code (if target is application).
We are happy to share our knowledge, experience and expertise. Let us know what you need, and we will contact you directly.