Security Testing

Security Testing

Kyte is in a position to offer vulnerability scanning services as well as Attack and Penetration testing on your inside or external facing systems. We have provided such services to a number of high profile customers which are wholly dependent on their information systems. Whilst vulnerability scanning involves a fully automated process, which can be configured to match the scope of your network, penetration testing involves a combination of both manual and automated techniques. A penetration test attempts to carry out an analysis of your infrastructure just like a hacker would. We are in a position to provide black box and white box testing as well as internal and external testing. The pentest can also cover social engineering type of attacks.

Should you require more in depth analysis of your applications, our team of testers can look into your code and identify potential coding vulnerabilities that may not be detectable through normal pentesting techniques.

Another service we can provide is Web Application Scanning, which is an automated test specifically targeted for application vulnerabilities. This test is based on a small subscription charge and allows you to conduct unlimited tests on your application, a valuable resource for your developers.

Kyte is also in a position to carry out more specialized testing such as social engineering, WiFi testing, Code Reviews and Denial of Service attacks.

FAQs

Q:Do you need to come on site to conduct a pentest?
A:

Not necessarily. External testing is easily conducted remotely whilst internal testing can be easily carried out by providing us with access to a VPN connection or a VM on the internal network.

Q:How long does a pentest take?
A:

Testing times vary according to size and complexity of the network and the objectives of the test. We typically estimate and quote on the basis of man days effort. An external pentest can typically take between 3-9 days. Needless to say, the more time afforded to the test the better the chances of finding issues.

Q:Can my software be checked for programming errors?
A:

Absolutely. We can provide code review exercises where the code is manually reviewed by one of our testers for coding errors which may or may not yet manifest themselves as bugs on the live system.

Q:Am I required to do a pentest?
A:

Most information security standards require a vulnerability management program should include pentesting. Several regulators also mandate annual pentesting.