Penetration tests are a detailed analysis of the information security system in the company. They assess vulnerability of network elements. They are made to check the resistance and performance of the system and its response for cases of external interference attempt.
Securing the IT infrastructure in the company guarantees that processed data is adequately protected, and attempts to break the barriers are prevented. To ensure high level of security of the IT system, we suggest conducting penetration tests and introducing recommended implementations.
Network penetration tests
Network penetration tests check the IT security system owned by the company. They detect technical vulnerabilities, system errors and obsolete or malfunctioning firewalls.
We perform Black-box and White-box tests.
Simulated attacks verify the security level of an IT system in two ways:
1. Automatic scanning of network devices using specialized IT tools.
2. Manual testing of the security level of IT network.
Our specialists perform pentests based on:
- identification of an IT system using web services, including: WWW, FTP or Telnet,
- verification of IT system’s response to the attacks,
- searching for errors of updates and configurations,
- security testing using scanners commonly used by cybercriminals,
- password strength testing (brute-force attack) and gaining access to the user’s account,
- analysis of the efficiency of firewalls,
- scanning network devices, including routers, switches and printers.
Web applications penetration tests
Companies that have access to the Internet are exposed to numerous threats. Viruses, spyware and hacker attacks are the main causes of system failures and errors. Not using appropriate IT security measures results in system malfunctions and data loss.
Penetration tests are based on simulated attacks aimed at web applications. These attempts to break safety barriers are carried out in a controlled manner.
Penetration tests of web applications check the security level of software through:
- detection of security vulnerabilities,
- identification of areas that allow unauthorized people to take control of the web application,
- finding existing technical errors and failed updates,
- verification of the security level of the website and its communication channels.
After penetration tests, our clients receive a detailed report that includes:
- description of IT solutions to protect against leakage of confidential data,
- recommendations for strengthening the protection of web applications,
- detailed information on the currently used protection measures,
- assessment of the performance of web applications.
Performance tests verify if the application functions correctly. They assess the risk of non-standard behavior, especially in the case of high network load.
The tests are performed in two stages:
1. Locating bottlenecks and identifying unwanted behavior within the network applications.
2. Verification of the possibility of removing the problem.
Performance tests check:
- network points availability,
- application performance,
- network infrastructure vulnerability to system performance issues,
- the maximum number of users who can work simultaneously within the system,
- load level at which the application can work normally (stress testing),
- system stability in case of high load.
We create a report and discuss it with the client.
Bluevirt specialists test load of individual services in a controlled manner. They identify problems, suggest solutions and recommend how to avoid disruptions in the operation of services in the future. The analysis is completed with a report that includes advice on how to customize and configure the application for optimum performance.