This service makes use of automated tools and manual inspection, and requires a high level of understanding of the client’s intended use of the system.
The exact process depends on the system or component being assessed, the environment in which it is to operate, and the organisation’s appetite for technical risk.Learn More
This service makes use of automated tools and manual inspection, and requires a high level of understanding of the client’s business model and typical Internet use.
The exact process depends on the network and device being assessed, the environment in which it is to operate, and the types of network activity generally permitted.Learn More
Most organisations will have at least one website, with publically accessible domain registration information, multiple employees’ social media profiles providing an insight into the organisational structure, and a plethora of clues about internal activities that individually are of little value, but in aggregate can lead to compromise of sensitive information.
The team will utilise a combination of techniques to map out likely pathways an attacker might take to gain unauthorised access to an organisation’s information or systems.Learn More
Using both commercial and open-source automated scanning tools, the team can quickly identify and prioritise technical vulnerabilities that may lead to system compromise, or indicate underlying configuration errors.
This type of activity is relatively quick and can be very cost-effective, however, it is also prone to both false positives and false negatives, as it relies on both the effectiveness of the automated scanning solution, and the reliability of the end-to-end communication between the scanner and the target at the time the scan takes place.Learn More