Step 1: Information Gathering
VA starts off by gathering all relevant information, defining the scope of activities, roles and responsibilities, and making a list of all the valuable assets.
Step 2: Vulnerability evaluation
This step involves assessing the IT system and finding out potential vulnerabilities that can harm its security.
Step 3: Risk assessment
After detecting the vulnerabilities, an evaluation is done to assess the potential and probable outcomes and risks.
Step 4: Risk mitigation
The final step is to recommend feasible solutions or techniques to prevent the threats from happening and mitigate the risks.
Step 1: Test planning
Before commencing the PT, a test plan is drafted with clear objectives, scope, time, duration and potential impact to the business operations.
Step 2: Information Gathering
The next step is to obtain as much information from public databases (DNS, Who is, etc) and other sources (company website, search engines, etc) to determine the investigation targets.
Step 3: Penetration Attempt
Penetration testers begin an intrusive attack to challenge the system’s defences. Comprehensive penetration testing includes tests such as password cracking, network exploitation, social engineering and even physical security testing.
Step 4: Reporting & Recommendation
A report summarising the process, results and detailed analysis of identified vulnerabilities will be generated. Recommendations of solutions to close the identified security gaps will also be proposed.
Enterprise Managed Mobility
Mobilise your workforce, enable secured connectivity and corporate data access.