PENETRATION TESTING EXPERTS
Penetration testing is also called pen testing or ethical hacking. It is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be automated with software applications or performed manually. But either way, the process involves gathering information about the target before the test, identifying possible entry points, attempting to break in, and then reporting back on the findings.
TYPES OF PENETRATION TESTS
There are several types of penetration tests that can be performed on your website, including tests that look at internal infrastructure and tests that look at devices. At Kernel Afrika, we specialise in the following penetration tests to help your business identify potential threats before they happen:
Web Application testing
Penetration tests on websites are used pre-deployment to ensure that there are no vulnerabilities within the website’s code that can be exploited by malicious attackers. We make use of the OWASP testing framework, which includes the following test stages:
- Before development begins
- During definition and design
- During development
- During deployment
- Maintenance and operations
Network device scans
We scan an organisation’s network for devices that can be compromised or that risk intrusion and attack. Devices such as printers may have be WiFi-enabled and open to be hijacked by cybercriminals to use as an entry point onto the internal business networks.
A well-secured infrastructure with multi-factor authentication makes it very difficult for cybercriminals to gain access to your network. So, we test all network infrastructure to examine defences against attacks such as the presence of ransomware.
Why do I need it?
A penetration test is an effective way to test vulnerabilities on your website or web application before cybercriminals attempt to gain entry. It is a self-test against the current security measures on the website to ensure that any vulnerabilities and risks are mitigated internally before criminal elements can get onto your website. Protect your organisation's reputation and maintain your cyber security so that your site is not exposed to a takeover that can take a day or even weeks to restore.
What does it include?
When we conduct a comprehensive penetration test of your website or web application, we use the OWASP standards to test your website against the most common hacking methodologies; ranging from weak passwords to SQL injection of scripts on the website. Pentest reports also include recommendations and support on how to fix the issues with insights from our security consultants. Additional requests may include dark web reports, highlighting all exposed logins against a specific organisation's domains and email addresses.
Examples of reports can be requested by reaching out to us on firstname.lastname@example.org