pic4

Kinh Doanh


Mr Bảo

Mr Duy

Hotlines

0903115043 (Mr Duy)
0908449646 ( Mr Bảo )




RAPID PENETRATION TESTING

Many times, firewalls or security devices are deployed in a network as a quick and cost-effective measure to combat hackers but their capabilities were barely or never tested. The number of security breaches recorded keeps increasing despite there are so many firewalls and security protections out there. What could be done to help evaluate the effectiveness and performance of your safeguards? Penetration testing is the answer.

 

Comprising five distinctive phases: Reconnaissance, Analysis, Penetration, Information, and Documentation, RAPID is a detailed and proven penetration testing approach designed by PNET VIET NAM to offer the most systematic and effective way to evaluate the security of a network.

RAPID Penetration Testing

[1] Reconnaissance

In this phase, PNET VIET NAM will use both passive and active reconnaissnace techniques to identify customer's network topology, active hosts, IP addresses, OS platforms, open ports, security devices, and many other useful information. All this information will be carefully scrutinized and prepared for the next phase.

[2] Analysis

This second phase is where PNET VIET NAM will start to execute application mapping, vulnerability scanning/fuzzing, and vulnerability analysis based on the information gathered previously. Our consultants will attempt to reveal the exact network applications running behind those open ports, identify the associated vulnerabilities, and analyze if the vulnerabilities are exploitable and whether exploitation may cause disruption to the network.

If the customer network is found to run dynamic web applications, PNET VIET NAM will perform various vulnerability fuzzing techniques to help discover unknown vulnerabilities due to poor security practices. Some of the vulnerabilities can be discovered during this phase include SQL Injection, Code Injection, Code Execution, Directory Traversal, Cross Site Scripting, et al.

[3] Penetration

PNET VIET NAM will exploit vulnerabilities discovered in the previous phase to gain access to the network. There are typically two main vulnerability categories that our consultants will attempt to exploit: network service vulnerabilities and web application vulnerabilities.

[4] Information

Upon successful exploitation and having gained access to the network, PNET VIET NAM will immediately notify the customer of the condition and restore the network or system to its original state before the Penetration phase. A quick report of immediate actions (if possible) will be drafted.

[5] Documentation

The final phase of RAPID Penetration Testing entails our consultants to prepare a comprehensive document explaining the details of how the penetration was possible, what activities were carried out, corrective measures, and possible preventive measures.

 

Trung tâm tin học KHTN