Penetration Testing

We provide penetration testing to locate vulnerabilities in your business' cyber defense and to test the robustness of security controls already in place.

Get expert guidance completing Cyber Essentials Penetration Testing

Talk to a Cyber Security Specialist

What is penetration testing?

Penetration testing or a “pen test” involves using ethical hackers to run a mock cyber attack against your organisation’s security infrastructure. The aim of penetration testing is to unearth vulnerabilities and gaps in your security defence. 

Our pen testers use the same techniques and tools used by hackers in order to simulate a real life cyber attack. The pen test can be targeted at many different technologies, such as laptops, mobile phones, web apps, networks, hardware, virtual hardware etc.

Penetration testing

We offer penetration testing in the following areas...

Penetration testing

Mobile applications

Mobile applications are tested for vulnerabilities specific to the mobile environment, such as insecure communication protocols, insecure data storage or inadequate encryption.

Penetration testing

Network and wireless networks

Networks are tested to find weaknesses like open/rogue access ports, inadequate authentication mechanisms, weak encryption and other misconfigurations that pose unauthorised access risks.

Penetration testing

Web applications

Web applications such as websites, web portals and web services are tested for potential vulnerabilities such as SQL injection, cross site scripting and insecure authentication that could be exploited by attackers.

APIs

The testing of application programming interfaces (APIs) evaluates the security of the communicating interfaces by testing API endpoints, improper input validation and lack of authentication or authorisation controls.

ICS

ICS (Industrial Control Systems) are tested to reveal exploitable weaknesses associated with the control of infrastructure components typically used in sectors like manufacturing, energy, transportation, and utilities.

Cloud infrastructure

Cloud-based infrastructure, platforms and services are evaluated and tested for appropriate access controls, correct configurations and shared responsibility model to identify potential weaknesses.

Social engineering

To gauge security awareness, pen testers use phishing and other methods to attempt to manipulate individuals into divulging confidential information or perform actions that compromise security.

Red / Purple Team

Red teaming is the conduct of simulated attacks to identify vulnerabilities independently. Purple teaming is a collaborative testing effort using both red (attacking testers) and blue (defenders) in joint exercises to improve response capabilities.

"The biggest benefit to working with MyEmpire Group is having access to cyber expertise on an as-needed basis. We're able to access skills and knowledge across a broad range of [cyber security] areas, and without having to hire in-house."
Jenelle Schultz
Chief Operating Officer, Business Fitness

How we do our penetration testing...

Stay legal

Approvals are obtained before performing any testing activities.

vCISOs

Defined and tailored scope

The boundaries of the testing are tailored to your needs and clearly defined before any activity is commenced.

vCISOs

Respect of data

Any data handled during the activity will not be used for any other purpose.

Ready to mature your cyber security?

What is the difference between a ‘penetration test’ and a ‘vulnerability assessment’?

Penetration testing uses ethical hackers to simulate a cyber attack to identify vulnerabilities and assess the effectiveness of security defence. 

Vulnerability scanning involves using a tool to identify and document potential vulnerabilities within a system, network or application. 

Penetration tests and vulnerability assessments both aim to identify weaknesses in cyber security, however, pen tests are a lot more comprehensive than vulnerability assessments. For instance, a vulnerability assessment is often a step within a penetration test. During a penetration test, a pen tester may perform a vulnerability scan/assessment as a way of finding vulnerabilities which they then try to further exploit as part of the pen test.

Cyber security specialists Penetration testing

Is pen testing right for you?