Have your web application, network or IoT hardware tested

A well-known saying is “attack is the best form of defence”. Although this is a huge cliché, it is still true. An artificial attack is the best way to defend yourself.

Navaio’s ethical hackers look at your IT infrastructure from the eyes of real cyber criminals and analyze vulnerabilities found in order to penetrate your systems/applications. For this, our experts use industry standard tools and frameworks for security assessment, but also their own creativity characterizes their character.

Risk Assessment: Wat is het

A pen test ensures:

By having a pentest performed, you protect your data and you are more in control. A pen test ensures:

  • Proactive security;

  • Controlling security risks;

  • Improve your compliance.

Report and Advice

After performing the pen test, you will receive a clear report with all vulnerabilities found and how they were found. The vulnerabilities can be found in a risk matrix (using the Common Vulnerability Scoring System methodology).

Our service does not stop here. We also provide tailor-made advice on how to resolve the vulnerabilities. Do you have questions afterwards? Then we will of course be happy to answer them.

Advies en rapport

Would you like to know more about a possible pen test?

Would you like to know more about the possibilities of pen testing for your organization? Or do you want free advice? Our specialists are happy to discuss this with you.

The different test methods of a Pentest

It is not the case that there is a best method, this is completely dependent on the situation of the organization. Do you want to know which method is best for your organization? Our experts are happy to advise you.

White box

With a white box Pentest, you as an organization have previously shared all information with our ethical hacker. Think of the source code of the application or the structure of the IT infrastructure. By sharing this information, the ethical can look for vulnerabilities from within and possibly even solve them immediately.

Grey box

With this method, some information is made available, such as credentials to log in or information about the IT infrastructure.

Black box

Our ethical hacker has no information whatsoever, just like in real life. For example, our “hacker” can recreate a real situation of a cybercriminal who attacks your IT infrastructure.

The process of a Navaio pentest

DISCOVERY AND EXPLORATION

In this phase, information about the infrastructure, systems and applications is collected and researched. This includes performing network or application scans; assessing the system, network or application architecture; or going through a typical use case for the environment. The results of discovery and exploration determine vulnerable areas that can be exploited.

VALIDATION & OPERATION

Using the results of the reconnaissance efforts, a vulnerability assessment phase is conducted in which evaluators list and validate all potential vulnerabilities affecting each host and application, develop a list of possible attack vectors and launch exploit attempts to compromise confidentiality, integrity and availability (CIA ) of the environment and the data contained therein.

REPORT

All vulnerabilities found are described in detail in the report. The steps how these vulnerabilities were found (evidence for reproduction). In addition, a risk description with a risk matrix (impact x probability) is described in the report, so that an action plan can be drawn up by the organization to mitigate vulnerability. Specific recommendations will be made by the pentester, so that this process of resolving vulnerabilities can be carried out quickly and efficiently by those responsible.

ADDED VALUE NAVAIO

Our ethical hackers distinguish themselves through their proactive and professional attitude. They are also in possession of a VOG statement. In addition, our ethical hackers typifies: thinking out side of the box and keep trying! After the pen test, they will help you further with solving any vulnerabilities that may have been found. This aftercare makes Naviao unique.

More information?

Do you want insight into the vulnerabilities of your company? And do you want to protect yourself better against external influences? Please contact us. We look at your IT landscape together to make the best choice. One of our ethical hackers will be happy to give you free advice.

In one of our webinars we spoke with three experts from the field about doing a pen test. Watch the webinar ‘Ransomware: that won’t happen to us, will it? Still?’ back on our Youtube account.

Zelfstandige professionals

DO YOU HAVE QUESTIONS
ABOUT A PENT TEST?

Would you like to know more about what we can do for your organization?

Get in touch