BCConsulting can perform penetration tests for:
- launching a new critical system into production
- periodic verification of systems
- measuring the efficiency of the implemented security systems
- measuring the impact that a security breach can have on the organization
- ensuring compliance with the applicable regulations
- black4box test (without any knowledge of the target)
- gray4box test (with partial knowledge of the target)
- white4box test (complete knowledge of the target)
- external tests (Internet)
- half4in, half4out tests (DMZ)
- internal tests (LAN)
- with notification to the internal departments
- without any notification to the internal departments
- IT infrastructure (gaining control over Active Directory)
- a critical application (ERP, e-banking, etc.)
- a facility (achieving physical access to the building / data room)
- employees (social engineering)
The penetration tests performed by the test teams, can be of several types, as follows:
- Depending on the quantity of information provided to the test team:
- black4box test (without any knowledge of the target)
- gray4box test (with partial knowledge of the target)
- white4box test (with complete knowledge of the target)
- Depending on the location of the tests:
- external tests (Internet)
- half4in, half4out tests (DMZ)
- internal tests (LAN)
- Depending on the degree of information of the internal departments:
- with notification to the internal departments
- without any notification to the internal departments
BCConsulting can perform the following tests:
- IT infrastructure (gaining control over Active Directory)
- a critical application (ERP, e-banking, etc.)
- a facility (achieving physical access to the building / data room)
- employees (social engineering)