What Is a Penetration Test
A penetration test is a method of evaluating the security of a computer system or network by simulating an attack. A web application penetration test focuses only on evaluating the security of a web application. The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities. Any security issues that are found will be presented to the system owner, together with an assessment of the impact, a proposal for mitigation or a technical solution.
The Bloom Cyber Defense Penetration Testing service has three stages: Vulnerability assessment, penetration testing, and security audit. We do this to make sure each and every one of our security reports are as comprehensive as possible
Security Architecture Review
To start our Penetration Testing Process, Bloom Cyber Defense analyses and reviews the security architecture already implemented by your organization.
Vulnerability Analysis Test Plan
The next step is to set a 'plan for attack'. We make a comprehensive plan detailing exactly what we are going to do and how.
Network Mapping and Data Collection
To begin our tests Bloom Cyber Defense gathers as much information about your organization's network and web infrastructure as possible.
Threat Model Identification
For this step, we map out all the possibly vulnerable areas of your website or network and prepare to search for vulnerabilities within them.
Once we find vulnerabilities, we identify, quantify and rank them based on their exploitability and criticality.
The next step in the process is actuall penetrating the vulnerable areas of your website or network to see how easy it would be for a hacker to exploit them.
Analysis and Reporting
Finally, we write up an easy to read report detailing everything we did and everything we found.