PENETRATING TESTING
Learn about your true exposure to cyber attacks
Identify vulnerabilities and improve your cyber security defenses
Penetration testing from Sunwell Solutions helps you improve the security of your critical assets by pinpointing vulnerabilities and configurations in your applications, networks and systems.
Service Overview
Sunwell Solutions security experts simulate real world attackers, by using the same tactics, techniques and procedures (TTPs) to target your high-risk assets. We can help you:
-
Discover risks to your critical assets
-
Identify and mitigate complex security vulnerabilities before the bad guys exploits them.
-
Identify and mitigate vulnerabilities and configurations that could be exploited in the future.
-
Understand the security of of your applications from the attacker's point of view
-
Get specific results and metrics to help you measure the risk associated with your critical assets
What you get
-
Summary report for senior level management
-
Technical report with enough details to recreate our findings
-
Context-based risk analysis to confirm the criticality of the findings is relevant to the environment
-
Recommendations for immediate and long-term improvement
How it works?
-
Penetration tests are customized to your environment
-
We conduct our tests and keep constant contact with you to update you on every achievement
-
We provide you with a comprehensive report
A variety of options you can choose from
Penetration test
Objective
Benefit
External Penetration test
Identify and exploit vulnerabilities for systems and applications exposed to the Internet
Understand risks to publicly exposed assets
Internal Penetration test
Simulate a malicious insider or an attacker that has gained access to an end-user system. Escalating privileges, installing malware or exfiltration of data
Understand risks related to malicious insiders or system breaches
Web Application Assessment
Assess web applications for vulnerabilities that can lead to unauthorized access or data exposure
Understand the security of your web applications
Our Approach
We follow a systematic penetration testing approach consistent with recognized industry frameworks as PTES and OWASP. There are four steps to it: reconnaissance, vulnerability enumeration, vulnreability exploitation and mission accomplishment.
In the reconnaissance phase we gather information about your environment: company systems, usernames and groups, applications.
In the enumeration phase we look to identify exploitable vulnerabilities with your systems, applications and users and determine the best ways to take advantage of them.
In vulnerability exploitation, we attempt to realistically exploit the systems using a combination of publicly available and internally developed exploit code and tools.
In mission accomplishment, we gain access to your critical assets, and provide comprehensive reporting of our findings.