|
FAQs
Questions:
What is the benefit of a Penetration Test?
A Penetration Test is a controlled security review conducted by an
independent security professional who attempts to break into a client's
computer system. A Penetration Tester employs the same tools and techniques as
real intruders, but a Penetration Tester does not damage the systems or attempt
to steal information. A Penetration Tester reports on the vulnerabilities that
were found and the ways that they can be fixed.
Back to Top
Does my system need a Penetration Test?
If you answer “yes” to any of the following questions, you need to
consider a Penetration Test. Will I suffer a financial loss if my systems are
compromised? Will my organization lose public confidence if my systems are seen
to be vulnerable to attack through Web site defacements or unavailability? If
my system is compromised and used to attack somebody else's system, will I be
legally liable?
Back to Top
Can you check business to business connections?
Yes. This confirms what your business partners can see about you.
Back to Top
Can a Penetration Test simulate an attack by a disgruntled employee?
Yes. This is referred to as an internal hack and this usually
represents the most fruitful hacking engagement.
Back to Top
Do you employ ex-hackers?
Absolutely not. First and foremost, the Penetration Tester must be entirely
trustworthy. While testing the security of a client's systems, our team members
may discover information that should remain confidential. If confidential
information was released, this may lead to loss of corporate reputation, and
ultimately financial loss. Pure Hacking does not use ex-hackers to review the
security of a clients system as trust is of paramount importance. We require
our testers to have a minimum of 5 years experience in the IT security field,
and appropriate academic qualifications.
Back to Top
How often should I assess my security through a Penetration Test?
It varies and depends on the complexity of your systems, but most of our
clients would check their systems with a Penetration Test at least once a year.
Back to Top
When can the Penetration Tests occur?
Pure Hacking will perform a Penetration Test at any time that is convenient to
you. There is no additional cost if the hack is performed outside of normal
business hours.
Back to Top
What effect will it have on my system?
Every effort is made to minimize the risk to your systems, but in some
cases you may notice extra logging activity and your Intrusion Detection
Systems may be alerted.
Back to Top
How long does a hack normally take?
On average, an engagement lasts for two weeks. Our clients usually request an
external and an internal hack, to cover the full range of threats. An external
hack is performed from our hacking lab, while an internal hack will be
performed from within your premises.
Back to Top
How effective is a Penetration Test?
We use the same tools and techniques as are used by malicious attackers and we
keep up to date with the current vulnerabilities in your software. We are
usually able to find the things that will make your system vulnerable to attack
and can help you close these holes well before your systems are attacked. This
method is effective because it shows you your real threats.
Back to Top
Finance
"We initially engaged Pure Hacking to conduct a number of tests in accordance
with a set of objectives. Their approach and execution were highly commendable
and all objectives were met or exceeded. Based on the experience we had no
hesitation in re-engaging Pure Hacking on another assignment. In the area of
internet security, I would highly recommend Pure Hacking for a penetration
test."
IT. Security Manager, International Financial Institution
|
|
