We prevent Cyber Attacks
with Ethical Hacking services

A proper information security to secure You must be based on the philosophycal "Hack Yourself First".
If we don't think like an hacker it is difficult to ensure Your best protection in business information.
Proactive security includes all activities designed to identify and assess the effectiveness, efficiency and strength of technological or organizational security countermeasures adopted by a company to identify a possible weakness.



Vulnerability Assessment



It involves performing automated or semi-automated non-invasive scans, conducted using automated tools and manual checks, in order to detect the presence of known vulnerabilities.



Penetration Test



It's based on inferential techniques attack designed to identify known or unknown issues undetectable simply by scanning tools and automated analysis.


Scenario

Scenario



From outside, verifying the services exposed on the internet


From inside the customer network


Techniques

Techniques


White Box



With the White Box technique the Ethical Hacker is previously informed by the Customer, about infrastructure and available services. The Ethical Hacker won't execute the first step concerning the Information Gathering, because he will already know the system, softwares and available services. This technique requires less time to execute vulnerability assessment and penetration test. This test is also more accurate because during the attack step, the Ethical Hacker can focus his attention on the specified target.


Gray Box



When we talk about Gray Box, we talk about an intermediate approach; with this technique the Ethical Hacker has a general knowledge about how the infrastructure is organized and what data structures are used. In this way it's possible to execute more targeted test rather than Black Box approach, but obviously, considering that there isn't the code knowledge, tests will be less accurate than White Box technique.


Black Box



The Black Box technique is very similar to a real attack from an external Hacker, because tester doesn't have any information about infrastructure and target to analyze. This is the real simulation of an ill-intentioned hacker that has to collect information about the infrastructure (services, software, firewall, etc...). The Black Box technique requires more time because the Ethical Hacker doesn't know the infrastructure at all.

Book your VA & PT

Steps

Steps




Information

collection





Vulnerability

scanning





Vulnerability

analysis





System

attack





Privilege

Escalation





Evidence

collection





Countermeasures

detection





Report

writing


Reporting

Reporting

Executive Summary

Intended for the Customer's executive staff, it provides strategic and easy to read directions on security situation found as a result of analysis.

Technical Report

This is the formal documentation concerning executed tests and reports in detail results of work done, technical details and most significant evidence.

Remediation Plan

A document that formalize all the vulnerabilities detected during the Ethical Hacking, providing an useful tool for resolution of critical issues.