Ethical Hacking is similar to an Internet Security Assessment and is designed to assess the security of your organization from an intruder’s perspective.

Research has demonstrated that black box testing is less effective in uncovering security vulnerabilities. Protection testing is designed to find those holes in your system's security that will not be discovered using a Penetration Test.

Strasan’s tiger team both maps your network and simulates a real intruder’s attacks using an audit based process that is scientifically demonstrated to be over 3 times more effective than a standard penetration test process.

It is a means of discovering what access an attacker potentially has to your organisation’s information infrastructure but in a controlled, safe way. On conclusion of these tests, you will know the status of your security plus have recommendations on how best to mitigate known vulnerabilities.

Protection Testing is more comprehensive than traditional penetration testing. Tests are customer designed according to client needs, system platforms, network connections, software and databases comprising your IT facilities. Delivered to the client is the “intruder’s view” of the system as well as an examination of the configuration and management of systems - factors that could lead to new exposures in the future.

Protection Testing is particularly relevant to organisations offering services over the Internet, such as databases linked to a web server. All such links create new pathways between the Internet and your organisation, which are potentially open to abuse by attackers to gain access to your organisation’s network and data.

Strasan’s Approach

• Comprehensive review of your Internet solution on both technical and management level.
  
  
• The Technical review consists of multiple “intrusion tests” and configuration analysis. Provides a thorough understanding of the strengths and weaknesses of your Internet solution.
  
  
• The Management Review consists of interviews with administrators and management plus reviews of security documentation. Provides insight into how your organization is prepared to handle the security of the solution over time.

Benefits of using Strasan’s approach

• Minimised risk of an attacker causing damage to your network
• Operate from an informed position
• Holistic health check of information security infrastructure protecting information assets in terms of adequacy, extensibility, risk management
• Identify and know the value of your organisation’s information assets, the risks posed to those assets and classification (critical through to low)
• First step towards securing your information assets
• A gap analysis of the risks and controls in place
• Recommendations and options suited to the specific needs of your business.