Penetration Testing

• Penetration Testing

  Penetration Testing (pen test), is an essential testing technique to combat the increased threat of hackers and changes to the threat landscape. A penetration test evaluates the level of information security within your organisation by identifying known and unknown security vulnerabilities across your networks, servers and applications

  Penetration tests vary in the approach taken. A pen test can follow either a black box or a white box testing technique.

  Black box testing refers to a method of testing in which there is no knowledge of the systems or infrastructure to be tested. The black box technique most closely resembles an external hacker who has little to no understanding of the systems in place.

  In contrast, white box testing refers to a method of testing where the tester has a working knowledge of the underlying infrastructure - network, servers and applications. This information is provided by you prior to commencing the testing. White box testing allows for a more targeted approach and allows for the testing to be completed in a shorter timeframe.

  Year on year, we have seen significant growth in exploited vulnerabilities and we can expect this trend to continue

  "According to the X-Force database tracking, 2010 had the largest number of vulnerability disclosures in history - 8,562. This is a 27 percent increase over 2009, and this increase has had a significant operational impact for anyone managing large IT infrastructures. More vulnerability disclosures can mean more time patching and remediating vulnerable systems."

  
  Source: IMB X-Force 2010 Report

   

  Why Dragonfly

  Partnering with an experienced and trusted security practice is essential. Dragonfly's security experts provide specialised ethical hacking techniques developed both internally and found within the hacking community to deliver accurate results together with concise recommendations for remediation.

  Dragonfly's pen testers execute both black box and white box automated and manual testing.

  Dragonfly's security team are able to perform penetration tests internally (onsite) or externally (remotely). Dragonfly penetration tests can be on demand, quarterly or on an annual basis thereby allowing your organisation flexibility to meet your security and compliance needs.

  Dragonfly invests in continuous security training to develop and build teams to protect your business. Our principal security experts are vetted to Highly Protected under the Australian Government Attorney-General's Department security classifications.

  Dragonfly is the trusted name in security and an IBM Business Partner. Dragonfly security experts are IBM Rational AppScan^® certified and together with IBM protect your business.

  Our clients range from medium to large enterprises across a range of industries, including:

  • Government
  • Banking & Finance
  • Healthcare
  • Non-For Profit
  • Entertainment
  • Services Firms

  Contact Us

  Find out how Dragonfly can help you today by visiting our Contact Us page.

  ---

  Related Services

  

  IBM Rational AppScan^®

  Combat the growing threat of Web Application breaches with IBM Rational AppScan.
  
  It's more important than ever to examine your web application security, vulnerabilities, and take action to protect your business.
  
  Read more