Get benefited from Experinced and Expert Teams International Service
We perform metodologies(OWASP > OSSTMM > ISSAF > NIST SP800-155) created by international security comitees by unifying with inventiv experience.
How We Offer Cyber
Security Service?
1. STEP
Information Collecting
To describe the test goals and scope and documantate, are worked with the company. To undertstand the companies test goals and needs, security and compatability requirements, business risks and other related factors completely negotiations are done. About designated goal and infrastracture, information are collected and reviewed.
2. STEP
Planning Analyze
Due to the test scope, the informations may contain efficiency, using situations, user suggestions, security mechanisms, critical spaces regarding with security, hosting environment and more. Test plan is made by taking these critical points into consideration.
3. STEP
Security Vulnerability Detection
In direction of test plan, automated scanning sofware and security vulnerabilities on the target with manuel tests, are detected. Particular security tests applicable for applications is completed and probable attack scenerios are determined by understanding the business logic in the applications.
4. STEP
Penetration Test
The applicability of the security vulnerabilities obtained by considering the test targets, scope and participation rules is determined by acting with the company.
5. STEP
Reporting
After completion of penetration tests, detailed reports are prepared for taking corrective precautions. All detected security vulnerabilities and reccommended corrective ways is listed in this report.
SECURITY
Frequently Asked Questions
During a penetration test, high-qualified cyber security specialists take on an attacker role and try to break into a companies network. Like an attacker do, it reconnoitres on the network and exploits the security vulnerabilities to find an infirmity. This tests indicates to infirmities that can be exploited by a real hacker and offers a road map for improvement.
It differentiates depends on your companies execution field and “attacker attractiveness”. It is recommended that for companies engaged in highly sensitive executions pentests should be perfomed a few times in a year in order. The purpose is to test the latest attacking way.
For the companies which engaged in less sensitive executions, ıt is recommended that pentests should be performed subsequently a new version or major features upgrades.
inventiv offers you an explicit audit report which indicates; what and how have been tested, which infirmities ıt has and how to use them. The report includes; screenshots, stolen data summaries and scenarios for re-attacks.
As inventiv, during a penetration test, we don’t share any secret information we would encounter, to a place exept yours. The elements we found, only specifies as Anonymous to explain a security infirmity at the audit report. In addition, the audit reports are kept only for a short term by inventiv.
Goals of a penetration test, differentiates tremendously according to the scope it examines. In general, the purpose of a penetration test is to verify the effectiveness of controls designed to secure the preserved system or assets.
Penetration test always should report the projects goals. Penetration test reports, should summerize the scope, needs and results.
Since security vulnerability scans, use recognition features have been configured in advance, a system have points that can’t be tested completely. Penetration test, provides a range for serious security errors that browsers wouldn’t be able to test and absolutely increase the companies security standing.
Our metodology of penetration test, has been specially designed for removing, data loss, downtime and risks. When taking advantage of a security weakness carries a risk for the system, we will documentate the security weakness and report it for our customers. We will not engage in any activity that will disrupt your systems.
A succesfull penetration test, deems as start point for giving priority to indisputable proof of the problem and to fix. Penetration test, focuses on high concentrated security infirmities and removes falses and positives.
Time of the penetration test depends on the type of the systems and amount with the test. In normal conditions a test time takes 1-2 weeks.