A key component of any assurance program is testing for security vulnerabilities and potential weaknesses that may allow a malicious party unauthorised access to an organisation. After a significant change in your system or application, testing should be conducted to ensure that new vulnerabilities or security issues have not been introduced. Testing after significant change is a critical step in the Systems Development Lifecycle (SDLC) that seeks to identify risk or potential risks in the system under development.
Foresight can provide a range of penetration testing and vulnerability assessment services for your organization, using an assessment methodology derived from well known and accepted sources such as PCI-DSS, OWASP, NIST, and OSSTMM.
Penetration testing provides management with the opportunity to conduct in-depth, detailed interrogation of configuration parameters to identify potential vulnerabilities and inadequacies in security configuration through simulated cyber exploitation. Penetration testing can be conducted on various infrastructure components and systems from both an internal and external perspective.
A vulnerability assessment provides invaluable information and evidence to assist management in identifying those areas in IT security that require improvement and re-configuration. A vulnerability assessment actively scans and probes, but does not exploit identified vulnerabilities.
Foresight’s certified personnel have experience in conducting penetration tests and vulnerability assessments for: