Penetration, Testing & Vulnerability Assessment

How robust is your network?

The answer may surprise you. Using sophisticated penetration testing techniques, our expert team can help you to identify security weaknesses in your organisation’s information systems, and suggest ways to strengthen your defences.

Comprehensive testing services

Penetration testing is an invaluable way to test the resilience of your network, pinpointing vulnerable areas and identifying ways to protect your information more effectively. By simulating a malicious attack on your systems, we can conduct penetration testing in three different ways:

  • Full disclosure (‘white box’) testing
    Testers have complete knowledge of the infrastructure to be tested – often including network diagrams, source code and IP addressing information
  • Partial disclosure (‘grey box’) testing
    Testers are provided with limited information about the infrastructure to be tested
  • Blind (‘black box’) testing
    Testers have no prior knowledge of the infrastructure to be tested

Experienced consultants

All QCC penetration testing and vulnerability assessment consultants are trained to the highest standards, holding qualifications such as:

  • CREST
  • CHECK
  • CEH

All these qualifications are backed up with many years of industry experience in testing, assessment and report writing.

Vulnerability testing services

Along with comprehensive penetration testing, QCC also offers vulnerability scanning and remediation services. QCC is well positioned to deliver detailed reports on vulnerabilities found within the network architecture, utilising industry standard tools such as:

  • GFI Languard
  • Nessus
  • Burp Suite

Proven approach

Using our tried and trusted approach, QCC’s experienced testers will identify and quantify your technical vulnerabilities, establishing key areas of concern and making recommendations about how best to address them. Key stages are as follows:

  • Planning
    Acceptable timeframes, agreed target systems, methods of operation and, most importantly, the system owner’s consent are just a few of the many items that need to be addressed before a test can commence
  • Reconnaissance
    Testers attempt to gain as much knowledge as possible about the target network
  • Enumeration
    The tester will attempt to identify the open ports and services available on the systems of the target network
  • Vulnerability verification
    Sophisticated scanners are used to identify vulnerabilities on the target network
  • Vulnerability exploitation
    Using a combination of automated and manual techniques, our testers begin the process of exploiting vulnerabilities in order to establish their extent
  • Reporting
    We provide a report detailing both findings and recommendations

About us

QCC was founded in 1996 to deliver an in-depth technical knowledge of information and physical security, with a thorough understanding of IT security, relevant laws and proven investigative skills.

Browse our blog

Contact information

Please use the details below to contact us here at QCC.

+44 (0)207 353 9000

contact@qccis.com

Buchanan House, Holborn, London, EC1N 2LX

QCC Information Security Ltd

© 2011-2012 QCC Information Security Ltd. All Rights Strictly Reserved.
Website created and maintained by   Web Archetype.