Penetration testing

Panoptes understands that data security is now a key concern for all businesses in order to be complaint with the Data Protection Act. To minimise this security risk, we can deploy our trained TIGER scheme qualified testers to conduct penetration testing in the form of a vulnerability assessment to check that your company’s computer network/infrastructure has not be compromised. All of our services will be accompanied with a timely and accurate report detailing our findings and recommended solutions.

Our services include:

Network and Infrastructure external testing
Our TIGER scheme qualified testers will conduct external testing on any public facing elements that are accessible via the Internet, including firewalls, routers, DMZs, web servers and remote access services. Such devices are deemed to be high risk as attackers can target such devices easily and are thus susceptible to cyber threats. Panoptes also conducts external infrastructure assessments, which include reconnaissance, enumeration, vulnerability testing and manual system analysis.
Internal Testing
Our TIGER scheme qualified testers will conduct internal testing to determine whether an outside attacker or a low-privileged internal user can compromise company data within the company network. We are able to offer different attack vectors in this test but the objective remains the same. Panoptes is also able to perform database assessments, which will check for unauthorised access to your company’s databases and information. Such checks will also monitor excessive consumption of resources and insecure operation. We will also perform checks to prevent information and databases from physical attack, routers and switches, workstation and file servers.
Web Application Testing
Our trained operatives, using the OWASP methodology, are able to check any web application for common vulnerabilities.
Wireless Testing
Wireless networks are highly susceptible to cyber attack so our trained operatives will conduct detailed testing of your company’s network. Our trained operatives will identify all risks and vulnerabilities and will provide our client with detailed preventative measures.
Social Engineering
We are able to conduct a series of exercises to test an organisation’s security controls and test the vigilance of its employees. Our highly experienced operatives are also able to offer advice as well as education and training to ensure that organisations understand how to combat social engineering attacks.
ISO 27001 Consultancy
Our trained operatives can be used on a consultancy basis to create your company’s overall security strategy incorporating Security Policy, Data Protection, Incident Reporting and Management of Information Security related issues.