Global Secure Systems - Penetration Testing

Home

• Penetration Testing
• Network Penetration Testing
• Web Application Testing
• Managed Vulnerability Scanning
• PCI-DSS ASV Vulnerability Scanning
• Citrix ESA
• Wireless Scanning
• GCSx IT Healthcheck Testing
• GCSx ITHC Resources
• ICS Catalogue

GSS offer CREST and CHECK certified Security Penetration Testing Services including Web Application Testing, Managed Vulerability Scanning, Network Penetration Testing and Wireless Scanning. Our penetration testing professionals network can ensure the integrity of precious corporate data and keep business systems and applications robust.

The following diagram shows the Security Penetration Testing Services offered by GSS. Click on a circled heading to view further details.

Exposing systems and business applications to the Internet increases the risk of any configuration weaknesses in those systems being exploited by uninvited attackers, human or robotic. The vast majority of such successful attacks use known vulnerabilities for which patches, fixes or other defences exist, but the victim has been too busy to do anything about.

Nowadays almost every organisation has some of their IT infrastructure connected to the Internet, from basic Internet access and e-mail to fully functional web-based applications, often with sensitive or valuable data being processed. Firewalls, AV, IDS and Malicious Code Protection are designed to keep protect corporate system and applications, but if these are incorrectly configured, poorly maintained or subject to genuine human error (let alone malicious changes by a disgruntled employee) they are of little if any value.

Additionally, in order conduct business online, any enterprise or local government authority has to entice customers inside the organisation - typically via a browser running a web-based application. Such applications are fully tested for functionality, but rarely for security and, even if they are, it is often an after thought with little if any budget allocated.

In either case, compromise or failure of these systems or applications represents a very public failure of business trust and confidence and threatens all the previous investment in online transactions, both infrastructure and software.