Layer 9 Logo

Penetration Testing

Identify security vulnerabilities in your systems and understand how best to fix them

Securing your network infrastructure and applications begins with identifying your vulnerabilities. Regular penetration testing is one of the most effective ways to understand and improve your organisation’s security posture, and provides confidence in your systems and/or software development lifecycles.

These assessments are conducted by experienced and deeply technical security professionals using methodologies aligned with industry standards and best practices.

Web Applications Icon

Web Applications

Comprehensive security testing of your web application will aim to identify and exploit any vulnerabilities and weak configuration. Testing may be conducted from an unauthenticated and/or authenticated perspective in order to provide the most appropriate level of assurance.

mobile icon

Mobile Applications

Identify vulnerabilities in your mobile application, and ensure that it interfaces with the underlying operating system using secure and approved methods. Your mobile application also likely interacts with external resources such as APIs and other web applications that make up part of the application's attack surface.

APIs Icons

APIs

Ensure your application programming interfaces are resilient to malicious input, exchange data securely, and prevent unauthorised access. APIs provide developers with powerful software integration interfaces that dramatically increase the application's attack surface and must be secured.

Wi-Fi Icon

WiFi

Review your Wi-Fi to ensure appropriate access controls, strong encryption, and effective management and monitoring. Your wireless network topology should also provide logical separation between authorised users accessing resources on the corporate network, and guests who normally only require internet access.

Internal Network Icon

Internal Network

Security testing your internal network will identify vulnerabilities and misconfiguration in your systems and infrastructure. The goal is to gain administrative control of the environment and access critical information assets.

External Network Icon

External Network

Security testing your external network will discover and enumerate your entire internet presence, and identify vulnerabilities and misconfiguration that may be actively exploited in order to compromise the environment, access resources, or reach the internal network.

Password Audit Icon

Password Audit

A password audit will validate the strength of passwords used within your organisation. The goal is to measure the effectiveness of your password policy by attempting to crack passwords using a variety of techniques such as brute force, dictionary, and mask attacks.

Kiosk Breakout & Hardening Review Icon

Kiosk Breakout & Hardening Review

Security testing your kiosk will provide confidence that it can only be used as intended, and ensure the security configuration makes it difficult for an attacker to break out and access the host.

Host Security Configuration Review Icon

Host Security Configuration Review

Review the security configuration applied to your hosts. Hardening your hosts makes it difficult for an attacker to compromise the environment by limiting their ability to obtain initial access, elevate privileges, or perform lateral movement.

  • Microsoft Windows Workstations
  • Microsoft Windows Servers
  • Linux
  • MacOS
Firewall Configuration Review Icon

Firewall Configuration Review

Review your firewall to ensure it is well configured and the rules are appropriately maintaining security of the connected networks.

  • Cisco
  • MikroTik
  • Palo Alto
  • Check Point
  • Fortinet
  • Ubiquiti

Connect with us if you’d like to take your information security to the next layer.

connect@layer9.co.nz