Ethical Hacking / Penetration Testing

Tracking technical security vulnerabilities

The technical security of individual IT-systems is analysed by means of penetration testing. For this, methods from the hacker-scene are used to check your company's systems for technical vulnerabilities.

Using various scenarios, the opportunities to gain access to your company's systems for an attacker, e.g. via the internet, are detected. The chosen procedure reflects the approach of an attacker and thus allows for the acquisition of valuable information regarding the security of your systems during different stages of an attack.

Szenarien des Ethical Hackings

From Security Scans to Web-Application Tests

SRC conducts penetration testing in a way that simulates a hacker's approach and these tests have thus significant explanatory power. By evaluating the impacts of the discovered vulnerabilities on your critical business processes, these results can be used further within the scope of analyses.

SRC compiles a report with the results of the examination and will suggest short-, medium- and long-term measures for the elimination of these vulnerabilities. You can use the results of penetration testing conducted by SRC to evaluate the current security levels of your system environment and derive necessary measures.

Frequently conducted security examinations (penetration tests and security audits) are an inherent part of a good security management. They provide a continuous retention of your business's critical IT-processes.

Performance of W-LAN Security Tests

Within the scope of W-LAN security tests, SRC performs attacks (penetration tests) on various components of the W-LAN environment. SRC tries to break encryption procedures where applicable, intercept network traffic and gain access to internal systems.

Additionally, all components involved in W-LAN transmission, e.g. access points or routers, will be attacked and examined for security holes.

Examples of use / Typical tasks

  • Within the productive rollout of a newly-developed web application any existing vulnerabilities should be revealed and strategies and measures should be taken to eliminate them by means of a Web Application Testing.
  • A penetration test of the internal network aims to identify whether the high-security network of the research department is adequately protected against attacks and to investigate the possibilities of intrusion.
  • The objective of a War-Dial is to learn whether unauthorized modems which allow access to the corporate network are installed.

References

Over the last years, SRC conducted a multitude of penetration tests of internet-presences, web-shops. Internal company-networks were also examined. Our customers range from businesses of the credit services sector, to industry, insurance and trade. Our employees have more than fifteen years of experience with performing penetration tests. For example the first German internet based banking systems have been tested by our employees.

Contact

Thilo W. Pannen
Randolf Skerka

info[at]src-gmbh.de
Telephone: +49(0)228 2806-0
Telefax: +49(0)228 2806-199

Relevant links

  • Security Audits by SRC