Penetration testing is a form of security testing where VYFI emulates real-world attacks to identify methods or pathways to evade the security features of a network, system or application. These real-word attacks use tools and techniques, both automated and manual, that are commonly used by attackers which is why penetration testing is sometimes referred to attack and penetration testing; attack the target(s) to see how far they can be penetrated. The goals are to determine whether unauthorized access or other malicious activity is possible. The results of a penetration test can help demonstrate how well the target system(s) or application(s) withstand real-word attacks, the level of sophistication needed to compromise the system(s) or application(s), remediation needed to reduce threats and the defender’s ability to detect and quickly respond to attacks.
VYFI penetration testing is a valuable tool to evaluate the adequacy of security controls to detect and defend against a threat actor. Additionally, VYFI penetration testing helps organizations meet regulatory, framework and certification requirements.
VYFI Penetration Testing Capabilities:
Network Penetration Testing
Application Penetration Testing
- Web Application
- Mobile Application
VYFI offers penetration testing as White, Grey or Black Box efforts. Each requires increasing amounts of planning and discovery effort to identify target assets:
- White Box – full knowledge of target systems, applications and IP addresses in-scope
- Grey Box – partial knowledge of target systems, applications and IP addresses in-scope
- Black Box – zero knowledge of target systems, applications or IP addresses in-scope