What is penetration testing?

Penetration testing (aka "ethical hacking") is a set of actions, performed by Certified Ethical Hackers from EASI, that will replicate malicious behaviors in order to check that your IT infrastructure or the defined scope is correctly protected and configured.

EASI Penetration Test

The penetration test can be based on the "white box" or "black box" principles:

White box

White box means that EASI gets as much information as possible about the network beforehand.

Black box

Black box means that EASI starts from scratch and performs more reconnaissance actions before starting the actual pentest.

What do we do during a penetration test?

Here is a non-exhaustive list of actions that can be performed during a penetration test:

  • Vulnerability scanning
  • Vulnerability exploitation
  • SQL injection, XSS manipulation, URL manipulations...
  • Fuzzing
  • Social engineering
  • Phishing
  • Use of evasion techniques
  • Password cracking/ brute forcing
  • Spoofing
  • ...
Penetration test options

Penetration test report

A detailed report will be provided after the test. This report contains the flaws we were able to exploit / "circumvent". You will also be able to check the weaknesses against their exploitation status and recommendations with the solutions on how to fix them. 

Last but not least, EASI also aims at pointing out weaknesses that we were not able to exploit during the penetration tests, but where unauthorized access may be gained over time. This is important as the timing of our test is limited, but malicious hackers have all the time in the world!

We are already helping them

mainsys-group.jpg
TCM
Vandewiele
Technical Airborne Components Industries
SBS
Klinik St. Josef St. Vith
assar.jpg
Van De Velde

Want to know more about our Penetration Testing services?

Recent articles

Security
Dirk Slechten
Dirk Slechten
24/03/2023
Ransomware attacks are getting more and more sophisticated. For hackers to obtain their goal, they actively target production data as well as backup data. When there is no backup data available for recovery, businesses will most likely end up paying the ransom fee to be able to r...
Easi certified ISO 27001 again!
Security
Geert Van de Steen
Geert Van de Steen
27/12/2022
At the end of 2022, Easi was audited for our ISO 27001 certificate.
What is a SOC with Robin Bruynseels
Easi
Laurent Boveroux
Laurent Boveroux
28/10/2022
A SOC, not to be confused with the socks on your feet, is a real security solution that can save companies a lot of money and headaches. We spoke with Robin Bruynseels (Cybersecurity and SOC engineer at Easi) who explained us in details what it is, how it works and why it is esse...