Our penetration tests provide assurance regarding the security posture of the in-scope information assets in the context of the OWASP Top 10 and network security posture.
Our priority is inform the client immediately in the event of any critical vulnerabilities being identified that are likely to compromise the ongoing confidentiality of the it’s information systems.
1. Testing is limited to non-disruptive techniques and attacks. PalisadeSECURE will advise the client regarding any potential vulnerabilities and weaknesses which may be suspected but cannot be confirmed as present due to this restriction.
2. Penetration testing will attempt to gain access to systems and resources in a controlled and safe manner to ensure their ongoing confidentiality, integrity and availability. Disruptive testing will only be undertaken following specific formal authorisation from the client.
3. Vulnerabilities identified during the engagement will be accompanied by relevant information such as Common Vulnerability and Exposure (CVE) and Common Weakness Enumeration (CWE) references. The likelihood and potential impact of vulnerability exploitation will be reflected via the priorities of each recommendation within our report and proposed action plan.
4. Testing is undertaken by a certified TIGER Scheme Senior Security Tester and Certified Application Security Tester.