Bonsai Information Security - Services

Penetration
Testing

Bonsai’s Penetration Testing service allows you to discover the risks posed by the vulnerabilities found in your organization’s technological assets. Our service provides a thorough identification of all vulnerabilities, their real risk level and detailed recommendations to remediate them.

Bonsai’s Penetration Testing Methodology

Our methodology is built around a manual testing process that identifies all types of vulnerabilities and logical flaws not typically detected during vulnerability assessments or automated scanning. A Penetration Test involves the analysis of all the security measures in place, including but not limited to Firewalls, IPS and IDS appliances, Password Complexity Policies, Software update and development best practices. The methodology is based on the following phases and follows the OSSTM methodology:

  1. Information Gathering: we identify the target network topology, routers, firewalls, servers, Web Applications and other technological assets that are included in the scope.
  2. Evaluation: fingerprint application and Operating System versions, discovery of misconfigurations.
  3. Assessment: using the previously gained knowledge, specially crafted packets are sent to the target network in order to identify vulnerabilities.
  4. Exploitation: every identified vulnerability is exploited using cutting edge techniques. The focus of this phase is to demonstrate the real risk associated with each vulnerability.

Deliverables

Our deliverables include the following:

  1. Technical report
  2. Executive summary
  3. Strategic recommendations

Did you know that a Penetration Test is the fastest and most accurate way to identify vulnerabilities in your network?

Get a Quotation and start the process of securing your network.