Blaze Information Security Network & Infrastructure Penetration Testing
What Can You Expect?
Proper Scoping and planning:
We invest time and resources into a scoping process that quickly identifies the effort required for your project. This process ensures a bespoke service that aligns with your exact requirements, avoiding under scoped or over scoped projects.
For an external test, we evaluate the defences of your organisation against a motivated and persistent external attacker with no privileged access or knowledge about the network environment. Should you prefer an internal test, we assess the security of your company from the standpoint of a malicious insider, such as a disgruntled employee that may have basic access to the network.
Our team is well-versed with penetration testing of AWS cloud environments as well as traditional infrastructures based on Windows/Active Directory, Linux and UNIX-based systems.
Blaze will provide your organisation with a detailed report listing all the vulnerabilities and weaknesses in your application, from the perspective of a motivated and capable adversary.
The report includes the following:
- Executive summary where the issues, attack scenarios and business impact are explained in a non-technical language
- A detailed description of the vulnerabilities, demonstration of attack scenarios and suggestions for fixing the issues
- A remediation prioritisation matrix, helping your team to prioritize fixes and decrease risks to the environment
Reports are delivered within 3 business days from the completion of the security assessment.
The reports can be used for vendor risk assessments and compliance audits that frequently require penetration testing, such as SOC 2 type II, CCPA, GDPR, PCI- DSS, HIPAA, ISO 27001 and others.
Retesting is free if performed within 90 days from the delivery of the final report.
A seasoned team of experts:
We provide boutique-level quality work because cyber security is in our DNA – from our engineers to the management team, we are a team of seasoned hackers and cyber security experts. Our team is composed of professionals with certifications such as OSCP, OSWE and others.
Our services are insured by AIG with a worldwide professional liability (E&O) cover of 2,000,000 EUR.