What is penetration test?

With Dhound you can find balance between web security and transparent business

When it comes to security, at Dhound we take it seriously.

We conduct Penetration testing (also known as pen test or ethical hacking) so you can breathe out and be confident your system in safe hands.

Pen test is an imitation of a real hacking attack but performed by security knights who fight for your web security with noble intentions.

Unlike vulnerability assessement, ethical hacking at Dhound not just seeks for vulnerabilities. It would be too easy for us.

We aim to find out security breaches in your web system before true enemies attempt to exploit sensitive data.

To stay ahead of adversaries, we apply hacker’s mindset and techniques but no worry! Unlike real intruders, we never make an attempt upon your data.

Depending on a web system specifics, we recommend our clients an annual pen test session or even oftener if a business cooperates with sensitive data on a regular basis.

Why do you need Dhound security assessment?

Your clients claims partnership only with reliable and secure solutions, and you keep your promises, guaranteeing your business transparency

You work under security regulations stated by the law to take certain security measures (i.e. SOC2, ISO 27001 (27002), HIPAA, PCI DSS, etc.)

You assess your risks, value storaged data and care about your system defensive abilities

How we do it?

At our team, we like to keep it right. That’s why penetration testing is conducted by people who are experts in their zone. They have little-to-no information about how clients deal with security and what methods do they use. This approach in combination with manual penetration testing ensures the most high fidelity results and wide coverage of threats that automated tests fail to identify.

1Explore

At the first step, we want to know your better! Or would rather to say, your business and our test target system.

Together we define test goals, approach and scale so that our team of experts can get on the inside of your system where even hackers fail to reach.

2Test

The second stage assumes our testers will exploit the vulnerable spots to see if they can cause damage.

We dig deep, conducting manual pen tests through massive attacks at your system to search for vulnerabilities, intrusion attempts and identify protection flaws.

3Deliver

We work until we nail it to deliver results that will be insightful for you and help protect your business.

We report to you on our findings with detailed description and professional recommendations how to patch security holes.

We keep in mind not all of our clients are tech savvy geeks. We find ways to deliver test insights in a manner both executive and tech departments could get value.

What methods do we use?

To deliver topmost results we stay in tune with white hat international security standards and keep up with up-and-coming pen test techniques:

  • Open Web Application Security Project (OWASP) Testing Guide
  • Double-blind testing
  • Penetration Testing Execution Standard (PTES)
  • Blind testing
  • Common Vulnerability Scoring System (CVSS)
  • Web Application Security Consortium (WASC) Threat Classification
  • Internal testing
  • Targeted testing
  • Information Systems Security Assessment Gramework (ISSAF)
  • External testing
  • Open Source Security Testing Methodology Manual (OSSTMM)

Penetration testing and vulnerability analysis

We aim to be trustworthy by our clients. That’s why out team holds CISSP and conducts more than 100 test-scripts, covering the most typical OWASP vulnerabilities such as:

  • Cross Site Scripting (XSS)
  • Injection
  • Broken authentication
  • XML External Entities (XXE)
  • Broken access control
  • Security misconfigurations
  • Insecure deserialization
  • Sensitive data exposure
  • Using components with known vulnerabilities
  • Insufficient logging and monitoring

What will you get?

Test delivery is a box full of goodies. Inside the final penetration testing report you’ll get:

  • The list of revealed security cracks
  • The sensitive data under threat of stealing
  • Time spent on attempts of system intrusion
  • Screenshots and detailed descriptions alongside the process
  • The business risk assessment of each discovered vulnerability
  • Potential solutions and proactive measures in future
  • Security recommendations based on business specifications

Think proactively about your web security: prevention costs less than cure

Pen testing won’t let your business get off track.
Choose Dhound to enable your system health to be on guard to new threats

Leave us your email and we’ll contact you to discuss all details