ISL penetration testing and vulnerability assessment services can be “off the shelve” standard tests for a fixed price, or an individually bespoke tailor made test. The scope of the testing can range from individual external system testing to enterprise wide external and internal reviews. Our Bespoke test starts with an initial fact finding and project scoping exercise with the ISL project lead consultant and the client, a team of highly skilled consultants with complimentary skill sets are assembled for the engagement. This ensures that the teams knowledge, expertise and tool set offers complete coverage of the systems being tested leaving no stone unturned.
Armed with detailed knowledge of attack methods and vulnerabilities in common use, our own in-house tools and established testing methodologies ISL will simulate the skill level of the potential attacker, ranging from script kiddie to informed and highly skilled insider. This approach offers a far more realistic attack simulation than that offered by running a commercial vulnerability analysis tool. In addition to the standard system and application technical tests, ISL can perform social engineering attacks and simulate competitive intelligence gathering on request.
On completion of the test the client receives a report detailing the attack methods used by the team and an analysis of their findings. The report will also provide an assessment of the level of risk presented by the vulnerabilities found and recommendations for remedial work. Finally, ISL presents a summary of findings to management and appropriate technical groups highlighting the relevant issues, supported by the technical content of the document.