Penetration testing is an industry buzzword that is currently gaining in popularity. Considering its usefulness, this is not surprising. Penetration testing is actually a very detailed and thorough process of examination of an information system. During this process, penetration testers examine the security of the target system. Every penetration test is fully adapted to the needs and requirements of the client and its information system. In addition to conducting numerous checks using specialized tools, penetration testers need to have a vast degree of experience and knowledge. Unlike vulnerability scanning where the end goals are to find potential security risks, the goal of penetration testing is to take control of the target system. Actually, penetration testers try to act the same way potential attackers do. Naturally, with the exception they do not cause actual harm to the client system.
This begs the question as to what should or should not be included in a penetration test. By definition, a penetration test is highly invasive. What should be included in a penetration test? The harsh reality is everything should be tested. Real cyber criminals won’t spare your systems! Why should you?
But can you trust your penetration testers? During a penetration test, Nobium ensures confidentiality, integrity and availability of the client’s data and systems. After a penetration test is complete, we ensure the confidentiality of the test results.
When conducting various forms of security investigations, Nobium uses a knowledge base developed by our security experts. Our team of security consultants has over 15 years of experience in monitoring and analysis of unauthorized activity on the Internet. Nobium suggests performing a penetration test at least twice a year. This service is intended for clients that want a detailed and thorough assessment of the security of their own information system.
After a penetration test, the client should try to remove all vulnerabilities. Nobium agrees to re-examine the system after every system update. The number of repeated penetration tests is unlimited. We stop when the client is happy with the achieved level of security.
Are there any official guidelines? –Although penetration testing is considered to be an art form by many practitioners, there are various guidelines. The OSSTMM (Open Source Security Testing Methodology Manual) is one of them. Nobium's team of experts developed a series of methodologies and guidelines for their clients. Still, it is crucial to stay informed of new guidelines and standards for penetration testing.
Please feel free to check the price for our penetration testing services using our penetration testing price calculator!