Penetration Testing (Pentest)
Cyber Intelligence
DESCRIPTION:
The penetration testing service is designed to perform ethical hacking exercises to identify and exploit vulnerabilities in the organization’s infrastructure or applications. The purpose is to find potential attack vectors that could be used by a threat to compromise the confidentiality, integrity, or availability of information. These tests allow "CLIENTE" to understand the potential impact that could result from a successful attack against its infrastructure.
DELIVERABLES:
Executive summary (executive presentation):
• Scope of the analysis
• Most vulnerable assets
• Root-cause recommendations
Vulnerability matrix:
• CVE related to the vulnerability (when applicable)
• Risk classification
• Vulnerable asset
• Vulnerable service
• Vulnerability
• Vulnerability description
• Mitigation recommendation
CODE
PTS
BUSINESS LINE
Cibersecurity
CATEGORY
Cyber Intelligence
RESPONSIBLE:
Eduardo Salmerón
METHODOLOGY:
General Penetration Testing Methodology
SCOPE:
Technology assets identified as exposed/published to the Internet
EXECUTION TIME
With credentials:
• Identified assets exposed/published to the Internet – 20 business days