Why you might need this service
Over the last decade, threat vectors previously encountered only by nation states have become increasingly common. The Cynergy team has been mitigating and managing the risks from these attacks for organisations for many years, and as the threat landscape shifts, so too have the number of organisations requiring access to our seasoned and trusted security professionals.
Penetration testing helps to identify security vulnerabilities which might otherwise leave your company open to compromise.
Our team has a proven track record in finding such vulnerabilities in some of the most complex, and sophisticated IT environments.
Our security testing services are designed to:
Security exposure to risk Identity and fix security vulnerabilities before they can be exploited by criminals
Discover Attack Surface – Identifying all your-exposed assets and their location.
Attack Development and Execution – Once the results of the initial attacks are known, attacks are redefined and developed further.
Gain Foothold – Should they be successful, the attacker has gained a foothold and the attack will be developed further to gain firm access.
Controlled Exploration of Access – The attacker will take advantage of whatever access has been gained. This may be access to data and information, or the exploration of further attacks.
Reporting – A detailed penetration test report. Vulnerabilities and security flaws will be ranked in order of criticality using the open industry standard Common Vulnerability Scoring System
(CVSS) framework. This will detail all vulnerabilities and security flaws found and the recommended remediation.
Our approach to security testing is based upon an organisation’s requirements, and the required outcomes. Tests can be performed from the perspective of an external attacker with no knowledge of the target services or infrastructure, as an authenticated authorised user, or with comprehensive understanding of the service and its design.
Once the assessment is complete, the scope and objectives of the service will be documented including terms of reference. Stakeholders, and their roles, will be agreed, and submissions and outputs formalised.
The delivery of the service will include ensuring submissions are received on time, compiled into the appropriate packs and distributed to all attendees, with minutes and actions recorded, published and tracked.