info-sec-pro.com Computer Penetration Testing

Proving due diligence and compliance.

About Pen Testing

Standard compliance

About us


Testing Approaches:



	White-Box 
The testing team has complete carte blanche access
to the testing network and has been supplied with 
network diagrams, hardware, operating system and 
application details etc, prior to a test being 
carried out. This does not equate to a truly blind 
test but can speed up the process a great deal and 
leads to a more accurate results being obtained. The 
amount of prior knowledge leads to a test targeting 
specific operating systems, applications and network 
devices that reside on the network rather than spending 
time enumerating what could possibly be on the network. 
This type of test equates to a situation whereby an 
attacker may have complete knowledge of the internal 
network.

	Black-Box 
No prior knowledge of a company network is known. 
In essence an example of this is when an external 
web based test is to be carried out and only the 
details of a website URL or IP address is supplied 
to the testing team. It would be their role to attempt 
to break into the company website/ network. This would 
equate to an external attack carried out by a malicious 
hacker.

	Grey-Box 
The testing team would simulate an attack that could 
be carried out by a disgruntled, disaffected staff member. 
The testing team would be supplied with appropriate user 
level privileges and a user account and access permitted 
to the internal network by relaxation of specific security 
policies present on the network i.e. port level security.

Read More.. | Comments (0) | Resources.

To start a penetration test, please submit:



Business Name:
Contact Information:
Email Address:
URL or IP address: