Employing the latest testing strategies to provide a rigorous ‘real-world’ test of your security controls.
Testing methodology uses OWASP and PTES standards, tailored per organisational requirements.
Every test is uniquely defined to fit your requirements, with step-by-step details in a scoping document (SOW).
Evidence of vulnerabilities identified, including their CVSS score (Common Vulnerability Scoring System).
24/7 Security Operations Centre (SOC)
Located at the heart of a high security Tier 3 data centre, Comtact’s Security Operations Centre (SOC) team operate round the clock, as part of an integrated, multi-layered security defence.
Using the same techniques a hacker would use – but with a defined and controlled methodology, our skilled pen testers use the full range of strategies in their toolkit to replicate a ‘real-world’ cyber attack – a highly effective test of your security defences.
Firstly, we gather intelligence from publicly available sources to identify opportunities and vulnerabilities to exploit. This would include looking for misconfigurations, weak passwords, unpatched software, open ports etc. that can lead to unauthorised access.
With agreement, we would attempt to exploit identified vulnerabilities to confirm the risk to your organisation – a true evaluation of the threats faced today.
Black box: A penetration test performed without any influence or direction from the business on what vectors to attack
White box: A penetration test performed according to pre-determined guidelines set out by the client
Grey box: A penetration test performed with partial guidance, like a map of the network, but where other aspects must be achieved during the project, like administrative access.