Penetration testing is regularly used by organisations as part of their ongoing security strategy/program. It is a security exercise that involves our ethical hacking team launching up to date real world attacks against either your security infrastructure, web, and/or mobile applications. We report back on the findings and how to remediate any identified vulnerabilities, this will allow you to better understand your security gaps, current security risk profile and practical steps for improvement.
Testing can be conducted either externally (as an outsider threat) and/or internally (as an insider threat) to help you in determining exactly how effective your existing system defence mechanisms are, and evaluating whether or not your organisation is following security best practise.
Kaon Security have wide ranging experience with complex architecture designs, the latest attack techniques, exploits, security flaws, and digital forensics. This allows us to combine complex penetration testing attacks with exclusive forensic techniques to achieve better outcomes.
Depending on the test targets Kaon Security follow a custom methodology, based on industry standards such as Penetration Testing Execution Standards (PTES), Open Source Security Testing Methodology Manual (OSSTMM), and Open Web Application Security Project (OWASP).
During the penetration testing exercise Kaon Security provides a unique real life simulated hacking campaign experience, combining automation; multidisciplinary security skills; OSINT and forensics expertise; and most importantly our unique database of 9000+ open source, commercial, and custom built exploits.
The highly experienced Kaon Security penetration test team go beyond the point of initial access or security gap discovery, allowing us to locate additional hidden risks or threats.
Contact us to discuss your testing requirements
Penetration testing is generally categorized into 3 primary testing approaches. In order to deliver the outcome you wish for we recommend discussing your key objectives, budget and time frame with our consultants who will work with you to identify the most suitable testing approach.
Furthermore, web application penetration testing includes options for either authenticated or unauthenticated testing: