2

Penetration Test

A high level sophisticated penetration test which focuses on information assets rather than on information systems. This attack simulates a motivated hacker or team of hackers, which targets a specific asset in an organization, be it source code, emails, financial information, general production environment, SCADA environment or any other organizational asset.

The team will use all means necessary, within given financial limitations, in order to get access. The attacks can include custom developed tools and research in order to bypass security appliances and software on the client's premises.

Tests will include the following:

• Social engineering

• Malware manipulations

• Advanced Phishing (internet or cellular)

• Circumventing protection systems

• Resilience of network separations

• Manual and in-depth testing for logical problems in the infrastructure's architecture and settings

• Use of external dark-web tools for filtering, decoding, bypassing and “crypting”