Offensive - Defensive
Red Team - Blue Team
Gather Informationen and Draw Conclusions
Information is king and especially in the field of cyber security. Red team and penetration tests provide valuable information. They identify vulnerabilities no matter if they are implementation bugs, misconfigurations, design flaws or even company-wide threats. A proper scoring helps assessing and prioritizing mitigations and consequently hardeing the system.
We aim precisly so that others miss
Steps of a Pentest
During the preparation the details of the audit are evaluated. For instance we clarify which type of audit is best and which target is affected.
During the information gathering phase one collects as much information and details about the target as possible. This includes technical details as well as mail addresses or social information that might help to compromise security.
After gathering details about the target, the information are analyzed according to their security impact. After prior agreement with the client the identified vulnerabilities might be verified via direct attacks.
In the very end, you get a final report that contains all the details about issues, their rating and how to come by. Every issue is prioritized which makes it easier to decide about your next step.
Comprehensive documentation and easy understanding
Every audit ends with a detailed report that summarizes identified vulnerabilities, their impact on the security state as well as corresponding mitigation strategies. In addition to that, the highlights of the report might be presented in front of an audience.
- Final Report
- Exec Summary