Comprehensively test your cyber security controls to uncover the open doors and defend against real-world hacking threats - with our CREST-certified pen testing services.
Our experienced CREST-certified pen testing pros attempt to breach your security controls and gain unauthorised access to your business data – using the same techniques a hacker would use.
Experienced CREST-certified testing team
Full service security advice & support
‘Real world’ hacking methodologies
Actionable risk-based report – sample available
Reveal real-world exploitable vulnerabilities on systems, services & applications exposed to the internet.
LEARN MOREWhether an attacker with access to internal systems, or a rogue employee, understand your internal network risks.
LEARN MOREIdentify vulnerabilities on your web applications which could lead to unauthorised access or data exposure.
LEARN MOREAssess and understand your susceptibility to human manipulation via email, phone, media drops, and physical access.
LEARN MOREComtact’s experienced penetration testing team employ the latest testing strategies and techniques to provide a rigorous ‘real-world’ test of your security controls – helping you quickly identify existing vulnerabilities or prioritise future investments.
Located at the heart of a Tier 3 data centre, Comtact’s state-of-the-art SOC helps you rapidly scale your organisation’s security operations – and provide the assurance you have a specialist security team to support you – day or night.
Highly tailored programmes
Every test is uniquely defined to fit your requirements, with step-by-step details in a scoping document (SOW).
Detailed risk-based report
Evidence of vulnerabilities identified, including their CVSS score (Common Vulnerability Scoring System).
Rigorous testing methodologies
Testing methodology uses OWASP and PTES standards, tailored per organisational requirements.
Export review & recommendations
On-site debrief, review of results and recommended next actions to remediate the vulnerabilities identified.
Network penetration test, external
An 'external' pen test involves an ethical hacker probing your perimeter defences across the internet, providing an effective test of how your externally-facing network infrastructure responds to threats.
Network penetration test, internal
An internal penetration test simulates either the actions a hacker might take once access has been gained to a network, or those of a malicious actor, or disgruntled employee with access that he or she is looking to escalate.
Web application penetration test
A web application penetration test, looks for any security issues in your websites and web applications, including CRM, extranets and internally developed programmes - which could lead to exposure of personal data, credit card information etc.
Social Engineering
A social engineering pen test will help you understand the susceptibility within your organisation to human manipulation. Social engineering techniques are wide ranging, from the very simple, to highly personalised, sophisticated attacks.
Black Box testing
With a black box penetration tests, no information is provided about the infrastructure or environment, simulating how an internet hacker would attack your environment.
White Box testing
Detailed information is provided about the environment, simulating how an attacker with knowledge (e.g. employee/insider) could present a risk to the organisation.
Grey Box testing
A grey box test is a blend of black box and white box testing techniques. Selected snippets of information are provided, for a more focused test and reduced timeline (than black box testing).
Yes.
A vulnerability scan uses a suite of software tools, providing a technical assessment of your IT estate, scanning your network infrastructure to identify unpatched software updates, incomplete deployment of security software, or open ports, for example.
Whereas a pen test is performed manually by a skilled pen tester, simulating an attack using a range of strategies and techniques, as a hacker would use in a real world cyber attack.
Contact us: 03452 75 75 75
As our SOC / NOC is located within a high security Tier 3 data centre, location is protected.
The Shard, 32 London Bridge Street, London, SE1 9SG
31-33 Albion Street, Hanley, Stoke-on-Trent ST1 1QF
Accreditations & Awards