64MM

Get_Event_Log
  • Home
  • Vulnerability Assessment
  • Penetration Test
  • SQA
  • Blog
  • Resources
  • More
    • Home
    • Vulnerability Assessment
    • Penetration Test
    • SQA
    • Blog
    • Resources
Get_Event_Log
  • Home
  • Vulnerability Assessment
  • Penetration Test
  • SQA
  • Blog
  • Resources

Penetration Testing

Penetration Testing with Get Event Log

Let us launch a controlled cyber-attack on your network, applications, processes or environments. Security is a very important component to any organization that is connected to the Internet. Please feel free to send us an email to begin a conversation about what types of tests your organization could use.


We adhere to the NIST Cybersecurity Framework, and ISO/IEC 27002.


If you would like to fill out a scope document click here to download.

email us

Testing Approaches

• Black Box Penetration Testing: In this approach, the tester assesses the target system, network or process without the knowledge of its details. They just have a very high level of inputs like URL or company name using which they penetrate the target environment. No code is being examined in this method. 


• White Box Penetration Testing: In this approach, the tester is equipped with complete details about the target environment – Systems, network, OS, IP address, source code, schema, etc. It examines the code and finds out design & development errors. It is a simulation of an internal security attack.


 • Grey Box Penetration Testing: In this approach, the tester has limited details about the target environment. It is a simulation of external security attack.

Network enumeration and mapping

This first step often involves port scanning to work out the topology of a network, and to establish which computers are connected to the network and the operating system and services they are offering. 

Reconnaissance

This involves contacting the machines on the network and extracting information from them such as the applications they are running, operating systems, software manufacturer and type, etc.

Network sniffing

Network sniffing is used to examine traffic flowing over the network and to search for unencrypted data including passwords or VoIP traffic. .

Vulnerability scan

A vulnerability scan can reveal whether any machines have insecure versions of software or other known vulnerabilities that can be exploited, or whether any wireless access points are open or have weak passwords.

Exploit launching

This stage of penetration testing attempts to exploit any known vulnerabilities to gain control of a system.

Further exploitation

Once a single vulnerable system is compromised, you can leverage this to penetrate the network further. 

Phishing and social engineering

We can implement social engineering in the context of information security, by using psychological manipulation on your organization by performing certain actions or divulging confidential information.     


Remote Tests are used to trick an employee into compromising confidential data using electronic means. The tester could conduct such an attack via a phishing email campaign.    


Physical Tests require direct contact with the employee to retrieve sensitive information. It may also involve tactics like Dumpster Diving, Imitation, Intimidation or trying to convince the subject via telephone calls. 

Reporting

The documentation will contain an introduction, scope, executive summary, test methodology, vulnerability description, recommendations, and conclusions, listing of tests completed, findings, methodology, and threat rankings.

Contact Us

Get Event Log

Saint Augustine, Florida 32084, United States

chris@geteventlog.com +1 904 599-0195 +1 303 521-4926

Hours

Today

Closed

 Feel free to give us a call or send an email 24 hours a day. We'll return your call or mail ASAP. 

Copyright © 2022 Get Event Log - All Rights Reserved.

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be anonymously aggregated for analysis.

DeclineAccept