- Completely Blind Security Test, where no information is provided to Nettitude about hosts or services (often referred to as a Black box testing approach).
- Informed Security Test, where Nettitude is given information about the application logic of a system. This can include credentials on a host or configuration information about a specific service. This is designed to see what an authenticated user could see (often referred to as a White box testing approach).
- A hybrid approach, where the security tester is given a set of phased parameters. Tests start off without any form of information about hosts or services. Once certain milestones are reached, the tester is then provided with information about the application logic, and authentication controls to undertake extended testing. This fits with Nettitude's Grey box testing methodology.
Nettitude can also carry out Security Testing that addresses the human aspects of Information Security. Often referred to as Social Engineering tests, Nettitude can assess whether it is possible to get a helpdesk to reset passwords or distribute passwords to unauthenticated users. Nettitude can assess whether it is possible to tailgate a user in to a building, bypassing physical access controls. Nettitude can also audit office work space for sensitive information, such as network access details, usernames or passwords.
Nettitude can also undertake policy and procedural type security reviews. As both a PCI DSS Qualified Security Assessor and an ISO 27001 Lead Audit we understand Information Security Inside Out. Our highly trained security consultants have a wealth of experience and can offer security best practice advice and guidance to organisations of all shapes and sizes.
|
|
Nettitude's approach to security testing can be tailored to meet the individual requirements of our client's environments. We have a strong focus on our methodology and quality control to ensure that we produce a consistent approach to testing and strong documentation and remediation advice. This helps our client's to manage their security posture and reduce their overall Information Security exposure.
To find out more about how Nettitude can help you with your Security Testing requirements,
please complete our contact form,
and a Consultant will respond to your enquiry.
|