logo-ict-w.svg

Menu

cs
en

+420 225 103 222

Don't wait for a real hacker to test you

Penetration tests of IT systems, network infrastructure, web applications and internet services are performed as simulations of a real attack; they are tailored to each customer's needs to always verify the actual level of security.

hero.png

Testing modes

blackbox-metoda-penetracniho-testovani-com-plus-cz.jpg

External

The tester has almost no information about the target and needs to look up the information. Most likely an attack from the outside.

Whitebox-metoda-penetracniho-testovani-com-plus-cz.jpg

Internal

The tester has information about and insight into the entire structure and can exploit weaknesses available to employees. An attack similar to an "angry employee".

Graybox- metoda-penetracniho-testovani-com-plus-cz.jpg

Both External and Internal

For example, the attacker knows the exact targets the customer wants to test. The most common type of testing. The customer defines exactly what they want to test.

What types of penetration tests do we do most often?

Penetration Testing of Web Applications

The aim of a web application penetration test is to verify the actual resistance of a web application to an attack. We use automated tools and manual testing, and we perform combined attacks. The test is suitable for websites and large-scale web services applications. The tests are performed using the OWASP methodology.

External Network Perimeter Penetration Test

In the case of an external penetration test, we simulate an attack on the customer's systems and applications from an external environment, i.e. we simulate an attack by a potential hacker attempting to penetrate from the internet. The goal is to detect any vulnerabilities that could be exploited by a potential attacker to penetrate or gain unauthorized access to the internal network. For testing, we use our own best practices supported by OSSTMM, CHM and other methodologies.

Penetration test of internal network

An internal penetration test verifies the resilience of the corporate network from the inside, i.e. attacks conducted through employees, partners or suppliers. The aim of the test is to protect against unauthorized access and possible misuse of data and sensitive data by users on the internal network. For testing, we use our own best practices supported by OSSTMM, CHM and other methodologies.

Penetration Test of Wi‑Fi network

Wireless LAN scanning – wireless networks typically extend beyond the organization's building, allowing a potential attacker to penetrate the corporate network and systems through unauthorized access to the Wi-Fi network. Wi-Fi network tests include verification of availability (signal coverage, interference), unauthorized access to the Wi-Fi network, interception of communications and detection of unauthorized wireless access points.

Social Engineering

Examination of employee behavior and reactions to attempts to obtain sensitive data and information through fraudulent e-mail or telephone campaigns, etc. The aim is to reveal the level of security awareness, compliance with the internal regulations and resistance to threats using methods of manipulation in direct and indirect communication.

No‑obligation inquiry

How Penetration Testing Is Performed

com-plus-cz-kyberneticka-bezpecnost (2).jpg
1

Select the area you want to test

We will determine your exact needs. We will select the most suitable penetration test for you.

com-plus-cz-odbornici-v-zabezpeceni-it.jpg
2

Penetration Tests

We test using a combination of tools, both automated and manual test scenarios. It depends on your requirements and testing area.

com-plus-cz-penetracni-testovani.jpg
3

Final report

Our report makes it easy for you to understand what security weaknesses we have uncovered. You will receive recommendations regarding actions you need to take to keep your data secure.

com-plus-cz-komplexni-reseni-kyberneticke-bezpecnosti.jpg

Red Teaming

A way of testing the resilience of a company's environment by a group of ethical hackers who simulate a real attack just as real hackers would. Compared to penetration testing, it is larger in scope, using a wide range of attack vectors and targeting both people and technology. Penetration tests examine only an isolated part of IT systems, e.g. Wi-Fi networks or web applications. Red Teaming is more flexible and usually takes longer. The goal is to test the resilience of the entire company environment to a real attack. It also uses social engineering techniques; therefore, company employees are typically not informed of the test.

analyza-rizik-com-plus-cz.jpg

What makes Red Teaming distinctive?

  • It tests the resilience of the entire environment to a real attack
  • Flexible approach
  • Unlimited scope
  • Longer period of time
  • Hidden from employees

com-plus-cz-odbornici-na-kybernetickou-bezpecnost.jpg

Benefits of Red Teaming:

  • Simulation of a real attack by hackers
  • It tests the entire company environment, not just an isolated system
  • A suitable complement to penetration tests that fail to detect possible attack vectors
  • Red Teaming can be used to test or train Blue Team (SOC)

Selected references

Hrdlička spol. s. r. o.
Město Velké Hamry
Město Kroměříž
Monzas
Evrofin
Milevsko
Sonepar.png
AvMedia.png
Simplea.png
Krajskazdravotni.png
Rastr v Bez názvu – 6.png
TosVarnsdorf.png
Rastr v Bez názvu – 3.png
Hopi_CB.png
PovodiMoravy.png

Petr

Customer care

iStock-1254471169.jpg

Do you want to test your cyber security?

Contact us for a no‑obligation consultation and offer today.

Call:

+420 225 103 222

Write:

bezpecneict@complus.cz

First name and surname: *

Company: *

E-mail: *

Message: