Image module
Penetration tests

Pen­et­ra­tion tests are a detailed ana­lys­is of the inform­a­tion secur­ity sys­tem in the com­pany. They assess vul­ner­ab­il­ity of net­work ele­ments. They are made to check the res­ist­ance and per­form­ance of the sys­tem and its response for cases of extern­al inter­fer­ence attempt.

Secur­ing the IT infra­struc­ture in the com­pany guar­an­tees that pro­cessed data is adequately pro­tec­ted, and attempts to break the bar­ri­ers are pre­ven­ted. To ensure high level of secur­ity of the IT sys­tem, we sug­gest con­duct­ing pen­et­ra­tion tests and intro­du­cing recom­men­ded imple­ment­a­tions.

Network penetration tests

Net­work pen­et­ra­tion tests check the IT secur­ity sys­tem owned by the com­pany. They detect tech­nic­al vul­ner­ab­il­it­ies, sys­tem errors and obsol­ete or mal­func­tion­ing fire­walls.

We per­form Black-box and White-box tests.

Sim­u­lated attacks veri­fy the secur­ity level of an IT sys­tem in two ways:

1. Auto­mat­ic scan­ning of net­work devices using spe­cial­ized IT tools.

2. Manu­al test­ing of the secur­ity level of IT net­work.

Our specialists perform pentests based on:
  • iden­ti­fic­a­tion of an IT sys­tem using web ser­vices, includ­ing: WWW, FTP or Tel­net,
  • veri­fic­a­tion of IT system’s response to the attacks,
  • search­ing for errors of updates and con­fig­ur­a­tions,
  • secur­ity test­ing using scan­ners com­monly used by cyber­crim­in­als,
  • pass­word strength test­ing (brute-force attack) and gain­ing access to the user’s account,
  • ana­lys­is of the effi­ciency of fire­walls,
  • scan­ning net­work devices, includ­ing routers, switches and print­ers.
Image module
Web applications penetration tests

Com­pan­ies that have access to the Inter­net are exposed to numer­ous threats. Vir­uses, spy­ware and hack­er attacks are the main causes of sys­tem fail­ures and errors. Not using appro­pri­ate IT secur­ity meas­ures res­ults in sys­tem mal­func­tions and data loss.

Pen­et­ra­tion tests are based on sim­u­lated attacks aimed at web applic­a­tions. These attempts to break safety bar­ri­ers are car­ried out in a con­trolled man­ner.

Penetration tests of web applications check the security level of software through:
  • detec­tion of secur­ity vul­ner­ab­il­it­ies,
  • iden­ti­fic­a­tion of areas that allow unau­thor­ized people to take con­trol of the web applic­a­tion,
  • find­ing exist­ing tech­nic­al errors and failed updates,
  • veri­fic­a­tion of the secur­ity level of the web­site and its com­mu­nic­a­tion chan­nels.
After penetration tests, our clients receive a detailed report that includes:
  • descrip­tion of IT solu­tions to pro­tect against leak­age of con­fid­en­tial data,
  • recom­mend­a­tions for strength­en­ing the pro­tec­tion of web applic­a­tions,
  • detailed inform­a­tion on the cur­rently used pro­tec­tion meas­ures,
  • assess­ment of the per­form­ance of web applic­a­tions.
Image module
Performance tests

Per­form­ance tests veri­fy if the applic­a­tion func­tions cor­rectly. They assess the risk of non-stand­ard beha­vi­or, espe­cially in the case of high net­work load.

The tests are per­formed in two stages:

1. Loc­at­ing bot­tle­necks and identi­fy­ing unwanted beha­vi­or with­in the net­work applic­a­tions.

2. Veri­fic­a­tion of the pos­sib­il­ity of remov­ing the prob­lem.

Performance tests check:
  • net­work points avail­ab­il­ity,
  • applic­a­tion per­form­ance,
  • net­work infra­struc­ture vul­ner­ab­il­ity to sys­tem per­form­ance issues,
  • the max­im­um num­ber of users who can work sim­ul­tan­eously with­in the sys­tem,
  • load level at which the applic­a­tion can work nor­mally (stress test­ing),
  • sys­tem sta­bil­ity in case of high load.
We create a report and discuss it with the client.

Bluevirt spe­cial­ists test load of indi­vidu­al ser­vices in a con­trolled man­ner. They identi­fy prob­lems, sug­gest solu­tions and recom­mend how to avoid dis­rup­tions in the oper­a­tion of ser­vices in the future. The ana­lys­is is com­pleted with a report that includes advice on how to cus­tom­ize and con­fig­ure the applic­a­tion for optim­um per­form­ance.