Penetration testing, also known as "pen testing", is the practice of simulating a cyber attack on a computer system, network, or web application to test its defenses and identify vulnerabilities. A penetration test is typically carried out by a team of cybersecurity experts who use a variety of tools and techniques to attempt to gain unauthorized access to a system or network. The goal of a penetration test is to identify weaknesses in the system that an attacker could exploit and to provide recommendations for how to fix those weaknesses.
Red teaming, on the other hand, is a more comprehensive approach to testing the defenses of an organization. While a penetration test is focused on finding and exploiting vulnerabilities in specific systems or networks, red teaming takes a more holistic approach and simulates a full-scale attack on an organization's entire operations. This can include physical, cyber, and psychological tactics, and the red team will often work to evade detection while carrying out their activities. The goal of red teaming is to identify weaknesses in an organization's overall defenses and to help the organization improve its ability to detect and respond to real-world threats.
Our penetration testing methodology does not impact service provision and our team will not perform any actions that will affect it. In web application penetration testing we highly recommend to make the penetration test in a non production environment.
There are many factors that can impact the duration of a penetration test such as are:
Number of subnets
Number of Servers and Workstations
Number of API Calls
Complexity of a Web Application
In a typical scenario of a small company the penetration test will take about a week
In every phishing campaign the goal is to be as realistic as possible. Our team can make an exact copy of your internal application in order to perform the phishing attack.
Every data from the phishing campaigns like usernames, emails and passwords are deleted from our server after completion of the scenario. However we strongly advice users who have type their credentials to change them immediately.
Due to the fact that a penetration test report may contain critical information about your companies network we store them encrypted (AES 256) in our data center for 2 years. If you do not want them to be stored at all you can request and they will be deleted upon sent to you.
Our team can travel all around the globe however we can do an internal penetration test remotely via VPN.