Penetration testing is a method of quality assessment of information systems security. This method allows us to detect potential vulnerabilities and enhance security measures on their elimination.

Assessment of the IT infrastructure of the organization is not being easy due to its complexity and diversity. For the assessment of the IT infrastructure a set of 3 actions shall be used including a comprehensive periodic IS audit, regular analysis of the software vulnerabilities and penetration testing.

If the first two can be performed by the organization itself - by IS and IT engineers, then conducting the penetration testing requires special knowledge and skills. Therefore such testing may involve an outside company with the required experience and licenses.

Penetration testing is implemented by simulating malicious attacks from hackers, from outside and inside the protected perimeter. Testing can give us an independent assessment of the information infrastructure security, to reveal potential mistakes of system when configuring the software and hardware, or the absence of the security upgrades.

AIM SYSTEMS holds the FSTEC and FSB licenses and offers services on conducting penetration testing of different types:

  • testing of corporate network border security
  • testing of public websites of the organization
  • testing of local network, workstations, servers, services and applications
  • testing of wireless systems

Following the testing a detailed analytical report is issued to cover the detected vulnerabilities and possible remedies. The report includes:

  • detailed information on system under review
  • testing schedule and procedure
  • detailed description of the identified vulnerabilities, their assessment
  • recommendations on eliminating of the identified vulnerabilities.

Penetration testing is carried out by the experts with high qualifications confirmed by international and national certificates in the field of information security.