Connecting, communicating and transacting with customers and other organisations is a necessary component of doing business today. Exposing your technology environment (and therefore, your organisation) to external threat is simply the cost of doing business.
Failure to ensure your key systems and data are sufficiently protected from attack significantly increases the risk of major compromise and disruption, leading to reduced custom, bad publicity, decreased shareholder value, financial loss and potentially an inability to trade.
With your systems and connections exposed and so much at stake, you need to be able to identify your key vulnerabilities fast so that your risks can be known and managed.
A penetration test is an assurance exercise that involves an active assessment of systems to find vulnerabilities. We attempt to find and exploit these weaknesses and evaluate the risk they may have to your business.
We deliver to you an easily understandable, actionable report with recommendations for mitigation of the identified issues. Applying the recommended fixes improves your cyber security overall and decreases the chance of becoming a victim of a successful cyber-attack.
Security Alliance provides a full range of security testing services from source code review to application testing, from vulnerability scanning through to a simulated attack or wargaming exercise.
Our penetration testing services are available as one-off projects or as part of a fully managed programme.
The infrastructure (or remote network) penetration test will attempt to identify sensitive information about your organisation and infrastructure. Our specialists then assume the position of an external attacker and look to exploit vulnerabilities and system misconfigurations to gain access to the organisation's network over the internet and assess the impact of gaining such access.
Find out more
A web application penetration test analyses the security posture of web-based applications by reproducing steps that an attacker would take to breach and manipulate the services or the systems on which the application resides.
In addition to the usual application security vulnerabilities such as code injection and privilege escalation issues, our methods also recognise any weaknesses specific to your custom software, including business logic flaws.
Find out more
Mobile applications introduce some unique security challenges.
The mobile application penetration test identifies security issues relating to the operation of the various components of the mobile app, from the client itself and local data storage to API and hosting to evaluate the associated risks.
Find out more
We'll schedule a preliminary phone call to learn about your challenges
You'll outline your needs and highlight any relevant applications in a scoping questionnaire
We'll review the results and send a detailed proposal outlining the service and pricing
You'll let us know when to proceed
We'll schedule a convenient start date for the penetration test and begin gathering the required technical information in advance
Penetration test (or pentest for short) is an assurance exercise that involves active analysis of systems to find vulnerabilities. During a penetration test our security consultants will perform 'ethical hacking', mimicking the methods of cyber criminals. We attempt to find and exploit weaknesses in your systems to evaluate the risk they have to your business.
Any and all systems connected to the internet should be subject of regularl penetration tests. This is to ensure your systems are as secure as possible and you are not exposing your business to unnecessary risks.
The typical type of systems we conduct security tests on include web applications, external networks, mobile applications and internal network infrastructure.
A vulnerability scan is typically an automated scan that will uncover common vulnerabilities. This is also the first step of a penetration test. During a penetration test, a specialist will review the vulnerabilities uncovered by the scan and investigate them to find the true extent and depth of the issue.
Security Alliance provides unique value to its clients by actively integrating its own services with those of its member companies. Member companies provide unique skills and experience, and collectively enable Security Alliance to provide expert and scalable security testing services. Our penetration tests are carried out by one or a combination of member companies dependent on the requirement.
Bespoke security testing
Our Security Testing Programmes help clients identify and mitigate against the vulnerabilities within their infrastructure, processes and people. We design and conduct rigorous investigative engagements that locate and fortify weaknesses within technology, code and human behaviour.
We offer a broad range of standalone and managed security testing services, as part of both point-in-time projects and ongoing, integrated programmes.