Pentest & Red Team Services
How resistant is your business to cybercriminals? It is important to know exactly where the strengths and weaknesses lie.
Content security is essential
You can have all kinds of security systems in place in your company, but as with everything else, it also applies to IT security that your defence is no stronger than the weakest link.
With the Dubex Pentest and Red Team, we can reveal the cybercriminals so you can secure your business even better.
Finding these weaknesses and vulnerabilities can be difficult, not least because it requires you to think like a cybercriminal.
Pentest - we find your weaknesses
When our consultants embark on a Pentest, we try to exploit the vulnerabilities your IT systems may have. Often, we initially perform vulnerability scans so we know where the weakest link is, and then we use both automatic and manual tools to try to access selected IT systems.
Our Pentest is always performed according to our customers’ requirements and on critical and/or sensitive systems. When we find the gaps that give access to your IT infrastructure, we make recommendations on how it can be closed, so you minimise the risk of being hacked.
Red Team - we pretend we’re cybercriminals
When we embark on a Red Team drill, our experienced consultants seriously take on the persona of cybercriminals. By agreement with the customer, we do everything within the framework of the law and the customer’s wishes to compromise security.
A Red Team drill can just as well be about gaining physical access to our customers’ installations – in order to gain access to sensitive systems – as well as about access to critical data.
Mapping of risks
A Pentest and Red Team drill will identify potential security gaps and create awareness of cybersecurity among both management and employees in your company. They will also test your company’s Incident Response preparedness – meaning that we test how good your company is at responding to intrusion or suspicious/malicious actions.
Our Pentest and Red Team drill can include the following:
- Mapping of publicly available information that may affect the customer’s security level
- Testing the customer’s network security for physical and or wireless networks
- Evaluation of the customer’s physical access controls
- Monitoring of the customer’s facilities
- Mapping risks so that employees, subcontractors or external consultants at our customers’ premises can gain unauthorised access and cause a breach of data security
- Assessment of general awareness of IT security among the customer’s employees
- Assessment of the security of the customer’s web applications.
Always in collaboration
No matter what type of test we perform for you, it will be done in close collaboration. We will jointly adapt the test for you to decide which security breaches will be most harmful to your company, and we define the objective of the test.
Some of the objectives can be a leak of sensitive information, downtime for production systems or tampering with your website, which can damage your reputation.
Once the tests are completed, our consultants prepare a report for management that briefly describes and prioritises the security issues we have found. We also provide recommendations for solutions that can remedy these security issues, and we also prepare a technical report which the IT department can use for its further security work.
Address tomorrow’s challenge, today.
Talk to an expert about how we can secure your business