A penetration test is the process of actively reviewing your security systems, policies and procedures. There are a variety of methods by which this can be undertaken, the most common method is that the security measures are actively reviewed and surveyed for design weaknesses, vulnerabilities and flaws. The findings are then documented for the client.

Penetration testing can be conducted with the full knowledge of all areas of the business under test or without the knowledge of the business, but always following specific instruction by senior client staff.

A penetration test will involve the systematic audit of all security measures within a business. A full project should include some or all of the following areas:

Network Security, Physical Security, IT Firewalls, Executive Protection, Travel Security, Information Security, Communication Security.

There are several internationally recognised standards and guidelines for information security and specifically for penetration testing. These standards are:

Standards for Information Systems Auditing (ISACA), CESG IT Health Check Scheme, The Open Source Security Testing Methodology Manual, The Open Web Application Security Project (OWASP).

Greymans consultants work to these standards as a basic service delivery standard. Our aim is to always exceed them.

If you want to discuss penetration testing, call us today.