BCConsulting can perform penetration tests for:

  • launching a new critical system into production
  • periodic verification of systems
  • measuring the efficiency of the implemented security systems
  • measuring the impact that a security breach can have on the organization
  • ensuring compliance with the applicable regulations
  • black4box test (without any knowledge of the target)
  • gray4box test (with partial knowledge of the target)
  • white4box test (complete knowledge of the target)
  • external tests (Internet)
  • half4in, half4out tests (DMZ)
  • internal tests (LAN)
  • with notification to the internal departments
  • without any notification to the internal departments
  • IT infrastructure (gaining control over Active Directory)
  • a critical application (ERP, e-banking, etc.)
  • a facility (achieving physical access to the building / data room)
  • employees (social engineering)

The penetration tests performed by the test teams, can be of several types, as follows:

- Depending on the quantity of information provided to the test team:

  • black4box test (without any knowledge of the target)
  • gray4box test (with partial knowledge of the target)
  • white4box test (with complete knowledge of the target)

- Depending on the location of the tests:

  • external tests (Internet)
  • half4in, half4out tests (DMZ)
  • internal tests (LAN)

- Depending on the degree of information of the internal departments:

  • with notification to the internal departments
  • without any notification to the internal departments

BCConsulting can perform the following tests:

  • IT infrastructure (gaining control over Active Directory)
  • a critical application (ERP, e-banking, etc.)
  • a facility (achieving physical access to the building / data room)
  • employees (social engineering)