A Security Audit or Ethical Hacking Audit is a study that evaluates the security level of company IT systems
Software and system audit
Performed under the OSSTMM (Open Source Security Testing Methodology Manual) methodology.
Web Applications Audit
In order to detect vulnerabilities. Performed under the Open Web Application Security Project (OWASP) methodology.
Apps Audit (iOS / Android)
In order to detect vulnerabilities in apps (mobile applications) development. Performed under the OWASP Mobile methodology.
Review of the security of the different wireless company networks. Under the OWISAM (Open Wireless Security Assessment Methodology).
Inspection of the security of network elements (firewall, balancers, switches …) and the generated traffic.
Source Code Audit
As regards web applications, it is recommended to accompany it with a Web Audit to have a complete view.
The information extracted from the Ethical Hacking Audit is the starting point for undertaking improvement actions:
Have an accurate knowledge of the situation of the systems
Develop safety recommendations
Improve Information Security at the company and create a safer working environment
Why hiring a Security Audit?
In a Security Audit or Ethical Hacking Audit, we apply the same intrusion techniques that malicious attacker would use to leave these systems out of service (but in a controlled and agreed way with the client). Therefore, this is the best way to know the security level and real protection against external attacks.
SECURITY TECHNICAL OFFICE