Are you looking to get ahead of the game and proactively secure your server data, avoid hacking attempts and achieve compliance?
In a penetration test, Stickman will help identify known and unknown vulnerabilities in your external or internal networks and applications. Normally clients require penetration tests to be carried out on a variety of targets like the following:
- Application Penetration Testing
- Network Penetration Testing
- Wireless Network Penetration Testing
- Social Engineering Testing
- Physical Site Penetration Testing
- Standards Based – Our penetration tests are based on standards like OSSTMM, OWASP and NIST.
- Certified Testers – We promote all our testers to affirm security certifications like CISSP, GIAC, CISA, CISM & CEH. All our testers are periodically back ground checked.
- State of the art Tools – We leverage state of the art commercial, open source & proprietary tools.
- Efficient & Cost Effective – We leverage teams in Australia & Asia to meet tight schedules.
Application Penetration Testing
Application Penetration Testing is also referred to as a black box application security test or a grey box application security test. In this test, the application security tester captures the business logical thought flow of the application, catalogues the potential threats to the application, and prepares what is called a Foreboding Profile for the application.
It is necessary to follow this process as each implementation is unique and heterogeneous to other applications both in workability and underlying technologies.
- Web Application Penetration Test
- Thick Client Application Penetration Test
- Embedded Application Penetration Test
- Mobile Application Penetration Test
- Appliance Penetration Test
Network Penetration Testing
Network Penetration Testing can be executed either on your extramural facing network / perimeter or your domestic network. We conduct both internal and external network penetration tests for our clients. The goal is to identify known vulnerabilities in your network and using multi test confirmations and expert based testing, we eliminate false positives.
Network Penetration Testing is recommended to be performed periodically and is distinct from a vulnerability scan, in the fact that an expert penetration tester is involved in studying your network, analysing the results and doing course corrections on the fly to break into your network. The penetration test can include the option of exploiting of vulnerabilities that are discovered.
External Penetration Test
External Penetration tests are conducted on external or public facing network to identify vulnerabilities that are noticeable to intruders at large.
Internal Penetration Test
Internal Penetration Tests are conducted on the internal network to identify vulnerabilities that are visible to potential people in the know, contractors, and partners with malicious intent.
Security Code Reviews
Our clients conduct code reviews for one of the following reasons:
- To meet a regulatory requirement (e.g. PCI DSS 2.0, clause 6.3)
- To verify that custom applications (self developed or outsourced) are free from accidental or intentional Back-Doors
- To conduct security due diligence of key applications / Intellectual Property (IP) during a merger or acquisition
- To verify security posture of mission critical applications (part of a broad application security / security testing program)
We offers clients high quality code reviews by taking a hybrid approach which is built on state of the art code scanning software tools and competent, experienced code reviewers.