Our experienced CREST-certified pen testing pros attempt to breach your security controls and gain unauthorised access to your business data – using the same techniques a hacker would use.
Experienced CREST-certified testing team
Full service security advice & support
‘Real world’ hacking methodologies
Actionable risk-based report – sample available
Reveal real-world exploitable vulnerabilities on systems, services & applications exposed to the internet.LEARN MORE
Whether an attacker with access to internal systems, or a rogue employee, understand your internal network risks.LEARN MORE
Identify vulnerabilities on your web applications which could lead to unauthorised access or data exposure.LEARN MORE
Assess and understand your susceptibility to human manipulation via email, phone, media drops, and physical access.LEARN MORE
Comtact’s experienced penetration testing team employ the latest testing strategies and techniques to provide a rigorous ‘real-world’ test of your security controls – helping you quickly identify existing vulnerabilities or prioritise future investments.
Located at the heart of a Tier 3 data centre, Comtact’s state-of-the-art SOC helps you rapidly scale your organisation’s security operations – and provide the assurance you have a specialist security team to support you – day or night.
Network penetration test, external
An 'external' pen test involves an ethical hacker probing your perimeter defences across the internet, providing an effective test of how your externally-facing network infrastructure responds to threats.
Network penetration test, internal
An internal penetration test simulates either the actions a hacker might take once access has been gained to a network, or those of a malicious actor, or disgruntled employee with access that he or she is looking to escalate.
Web application penetration test
A web application penetration test, looks for any security issues in your websites and web applications, including CRM, extranets and internally developed programmes - which could lead to exposure of personal data, credit card information etc.
A social engineering pen test will help you understand the susceptibility within your organisation to human manipulation. Social engineering techniques are wide ranging, from the very simple, to highly personalised, sophisticated attacks.
Black Box testing
With a black box penetration tests, no information is provided about the infrastructure or environment, simulating how an internet hacker would attack your environment.
White Box testing
Detailed information is provided about the environment, simulating how an attacker with knowledge (e.g. employee/insider) could present a risk to the organisation.
Grey Box testing
A grey box test is a blend of black box and white box testing techniques. Selected snippets of information are provided, for a more focused test and reduced timeline (than black box testing).
A vulnerability scan uses a suite of software tools, providing a technical assessment of your IT estate, scanning your network infrastructure to identify unpatched software updates, incomplete deployment of security software, or open ports, for example.
Whereas a pen test is performed manually by a skilled pen tester, simulating an attack using a range of strategies and techniques, as a hacker would use in a real world cyber attack.