Penetration Testing

Identify security vulnerabilities in your systems and understand how best to fix them

Deeply technical expert insights. Securing your network infrastructure and applications begins with identifying your vulnerabilities. Regular penetration testing is one of the most effective ways to understand and improve your organisation’s security posture, and provides confidence in your systems and/or software development lifecycles.

These assessments are conducted by experienced and deeply technical security professionals using methodologies aligned with industry standards and best practices.

Web Applications

Comprehensive security testing of your web application will aim to identify and exploit any vulnerabilities and weak misconfiguration. Testing may be conducted from an unauthenticated and/or authenticated perspective in order to provide the most appropriate level of assurance.

APIs

Ensure your applications programmatic interfaces integrate and exchange data securely, are resilient to malicious input, and protect against unauthorised access. APIs provide developers with powerful programmatic interfaces that attackers will often try and exploit in order to compromise your systems or access sensitive information.

Internal Network

Security testing your internal network will identify vulnerabilities and misconfiguration in your systems and infrastructure. The goal is to gain administrative control of the environment and access critical information assets.

External Network

Security testing your external network will discover and enumerate your entire internet presence, and identify vulnerabilities and misconfiguration that may be actively exploited in order to compromise the environment, access resources, or reach the internal network.

Password Audit

A password audit will validate the strength of passwords used within your organisation. The goal is to measure the effectiveness of your password policy by attempting to crack passwords using a variety of techniques such as brute force, dictionary, and mask attacks.

Kiosk Breakout & Hardening Review

Security testing your kiosk will provide confidence that it can only be used as intended, and ensure the security configuration makes it difficult for an attacker to break out and access the host.

Host Security Configuration Review

Review the security configuration applied to your hosts. Hardening your hosts makes it difficult for an attacker to compromise the environment by limiting their ability to obtain initial access, elevate privileges, or perform lateral movement.

  • Microsoft Windows Workstations
  • Microsoft Windows Servers
  • Linux
  • MacOS

Firewall Configuration Review

Review your firewall to ensure it is well configured and the rules are appropriately maintaining security of the connected networks

  • Cisco
  • Mikrotik
  • Palo Alto
  • Checkpoint
  • Fortinet
  • Ubiquiti

Connect with us if you’d like to take your information security to the next layer.

connect@layer9.co.nz