CyBourn delivers penetration testing engagements by leveraging an experienced team of certified penetration testing experts and cybersecurity analysts. Using industry-recognised as well as proprietary scripts and techniques, we design, test and perform a full spectrum of tactics from vulnerability assessments to red/blue team exercises.
Penetration Testing is a method for gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security, using the same tools and techniques as an adversary may utilise. Penetration testing should be viewed as a method for gaining assurance in your organisation’s vulnerability assessment and management processes, not as a primary method for identifying vulnerabilities. A penetration test should be thought of as similar to a financial audit. An audit by an external group ensures that your internal team’s processes are sufficient.
Prior to beginning a penetration testing engagement, the scope and objectives need to be agreed upon with the customer. The customer will be informed of our procedures and project plan. During this phase, we will also make sure to gather permission from the people affected by the pentest.
During discovery, our engineers try to find as much information about the target as possible. This includes open-source information like social media and leak databases or vulnerability assesments, performed either actively or pasively, depending on the engagement.
This is the most active phase, where an engineer tries to gain access to information or in some way find vulnearbilities in the targets. For web applications for example, the tests performed in this phase include OWASP Top 10 Vulnerabilities tests
One of the most important phases of a penetration test is the cleaning. We make sure all files we uploaded to the target systems are deleted, all accounts we might have created are disabled and all exploits are erased.
During reporting, our engineers put together all their findings and add relevant information like the CVE numbers, CVSS ratings, impact analysis and tailored recommendations.
For more information and a quote on our Penetration Testing services please contact us!