Pakistan Computer Emergency Response Team

The Security Standard


HOME | ABOUT US | SERVICES | ADVISORIES | RESOURCES | DEFACEMENT ARCHIVE | MEMBERS AREA | TRAINING | CONTACT US

Copyright | Disclaimer

 

 

 


 

SECURITY ASSESSMENT & PENETRATION TESTING (SAPT) SERVICES (ETHICAL HACKING)

PakCERT Security Assessment & Penetration Testing Services were introduced to provide anyone the means to protect their valuable information assets by giving organizations and individuals direct access to hackers and other IT professionals not usually available for hire. We protect the information assets of our clients through the use of education, technology and experience, while maintaining the strictest levels of confidentiality in the industry. Armed with the latest exploit codes and techniques the underground is using for years to compromise your networks, we use the same techniques to harden your network from such intruder attacks. When you hire PakCERT to provide specialized, objective assessment of your organization’s security vulnerabilities, you get a cracker-jack team of IS consultants who are also IS researchers. That’s because we believe that IS research must be linked to real-world IS problems, and real-world IS problems must influence what we research.

Security Assessment Services include the vulnerability tests, analysis, and reporting with the Penetration Testing Component. The Penetration Testing Component is an elite, high-level service that requires the time and effort of experienced network security penetration testing experts to break a system's security and submit methodology documentation. Simple, step-by-step instructions will be provided to clients so problems can be fixed without delay.

PakCERT team will undertake a 4-stage Penetration Testing process:

1. Information gathering (Goal: Complete company profile)

    • Search for information about the company
    • Internal network infrastructure
    • Systems or business-critical applications used
    • Looking for security holes and weaknesses in implementation or process

2. Information analysis (Goal: Plan of attack)

    • Filter all information collected in Step 1
    • Evaluate complete company profile
    • Define first steps for break-in tests, and plan activities for penetration

3. Perform the test (Goal: Test the environment)

    • Perform the attack
    • Keep detailed logs on everything
    • Report findings

4. Reporting (Goal: Rate the tested environment)

    • Complete deliverables
    • Recommendations based on weaknesses reports

Contact us to find out more about PakCERT Penetration Testing methodology, risk rating metrics and attack modules list.

 

All rights reserved. Copyright© PakCERT 2000-2017