What is penetration testing?
- Discovering and addressing the gaps within the security tools that an organisation is using
- Finding multiple attack vectors and misconfigurations
- Prioritising the vulnerable opportunities and fixing them, and
- Improving the overall security latency of the organisation
SecureTriad’s approach to penetration testing utilises a comprehensive, risk-based approach to identify critical vulnerabilities that exist in all in-scope networks, systems, hosts, and applications using a combination of automated and manual techniques. Our processes are governed by established industry practices such as OWASP, OSSTMM, NIST, PTES and SANS. These industry standards play a vital role in guiding us through a detailed and accurate assessment of information systems.
Our approach is divided into five main categories which are as follows:
Open Source Intelligence (OSINT) is the process of gathering information from free, public sources.