Sense of Security is one of Australia’s most trusted providers of cyber resilience, information security and risk management services.

Latest announcements
© Copyright Sense of Security
 
Cyber Security Services

Penetration testing

Our penetration testing services identify weaknesses in your business’s information systems, and can fortify your protection.

Our ethical hackers will
test your system’s defences
with penetration testing

Ethical hacking – penetration testing using hacking skills for good – checks how well you have protected your organisation against malicious attacks. Trying to hack your own system can identify weaknesses in your defences and help you improve your protections.

Sense of Security’s cyber penetration testing services are some of the best in the world, available here in Australia. With Sense of Security as your cyber security partner, you get:

Penetration testing is a requirement for some types of organisations. Our service allows you to comply with corporate governance responsibilities, including:

  • Regulations such as PCI DSS, ISM, SOX, and HIPAA and the Australian Privacy Act 1988
  • Industry standards such as ISO 17799 and ISO 27001.

Our methodology and approach

We have a documented, well established penetration testing methodology based on industry best practices and our own specialist techniques. This ensures that you will receive reliable and repeatable results that minimise the risk to your systems under testing.

We start by profiling the most likely threats to your business. Then we examine your business processes, information flows and the technology that supports your operations.

Once we understand how you work, we unleash our arsenal of penetration testing tools – they are similar to those used by malicious attackers. Our toolkit includes best-of-breed commercial and open-source penetration tools and a few specialised items that we have developed in-house.

You will receive a comprehensive business risk-focused report of our testing, detailing:

  • Our approach and techniques
  • The vulnerabilities we identified
  • A set of prioritised findings
  • Clear recommendations to harden your security.

Any security issues are reported with accompanying step-by-step instructions and screenshots, so that you can replicate the attack, get a visual perspective of the problem and understand the nature, and urgency, of the potential risk.

Vulnerability assessments versus
penetration testing

Vulnerability assessments use testing or scanning tools to identify security vulnerabilities in a system or environment. They are less costly than a full penetration test and typically highlight technical threats. However, they do not:

  • Qualify the business threat
  • Test business logic
  • Assess common attack methods
  • Identify unknown vulnerabilities
  • Actively exploit the problems to determine the full exposure
  • Validate the threat’s existence.

While a vulnerability assessment can be useful, it is not comprehensive, so reports based on it are indicative only and may be incomplete or inaccurate. It can also overlook attack scenarios which could lead to a future security breach.

Ongoing protection for your systems

Sense of Security provides penetration testing services as a one-off assessment, or on an ongoing basis.

If you opt for ongoing support, we will work with you to develop a recurring penetration testing program for different segments of your business environment.

Ongoing support will give you cost-effective, continuous protection. We will also be able to quickly identify and alert you to new areas of exposure. You will also receive information about trends, which will allow you to monitor the progress of your IT security initiatives.

Vulnerability assessment training

Sense of Security can also provide practical training courses for your internal security teams to empower them to take better control of your cyber security environment. We can provide training at your office or you can come to us.

Ongoing support will give you cost-effective, continuous protection. We will also be able to quickly identify and alert you to new areas of exposure. You will also receive information about trends, which will allow you to monitor the progress of your IT security initiatives.

Types of penetration testing services

Sense of security provides a range of penetration testing services that can further test the strength of your systems.

External network penetration testing

Imitate opportunistic intruders who try to gain access to your systems from the internet.

Read more…

Internal network penetration testing

Validate your deployed security controls or test your defences against security breaches from internal attacks – an inside job – where disgruntled or careless employees cause damage from within corporate networks

Read more…

Web application penetration testing

Test the security of your open source applications and find vulnerabilities in your custom web applications.

Read more…

Physical penetration testing

Physical security is just as important as information security. Test your business’s defences against real-world physical attacks.

Read more…

Mobile application security testing

Security testing your mobile applications – like penetration testing your websites – can expose security flaws and give you the opportunity to further protect your system.

Read more…

Wireless penetration testing

Wireless or “remote access” penetration testing mimics potential intrusions from remote entry points outside your business site, such as eavesdropping on your network or networked devices, or gaining access through a VPN access point.

Read more…

Citrix penetration testing

Your Citrix server is a valuable way to centrally host applications and resources, which makes unauthorised access a high-risk event. Identifying and closing security gaps will harden your XenApp and XenDesktop defences.

Social engineering testing

Increasingly, attacks have a human factor. Test your defences against techniques like tailgating, phishing and baiting.

Read more…

Fortify your defences now.

Speak to one of our trusted cyber experts
on 1300 922 923 or make an enquiry today.