We offer a variety of Penetration Testing and Security Assessment services. These services can be delivered as a one time off or on a recurring basis. The test deliverables contain an executive summary, an in-depth technical report along with mitigation advice.
Vulnerability Assessment
A Vulnerability Assessment service checks either Network / Infrastructure components (Firewalls, Routers, Servers, IoT devices, endpoints etc.) or Web Application Components (Websites, Portals, Restricted Web Access Systems etc.). The goal of the service is to find loopholes in security, which would allow an intruder to gain unauthorized access or do any damage to a system.
Network / Infrastructure Penetration Testing
This is a security testing service that focuses on finding vulnerabilities, misconfigurations and other flaws in your networks, infrastructure and overall architecture (i.e. server services, network protocols, operating systems and any other IP enabled components). In this service, we try to exploit vulnerabilities in order to gain full access to vulnerable systems. In a Network Vulnerability Assessment, which is a cost effective alternative to a Network Penetration Test, we only report on the flaws without actively exploiting them.
Web Application Penetration Testing
More than 70% of all technical attacks are aimed at the Web Application layer. This service examines your web applications from a coding and implementation flaw perspective, but also looks at issues like SQL injection, local and remote file inclusion as well as cross-site-scripting (XSS). It involves attempts to actively exploit vulnerabilities in order to gain access to the Web Application, underlying database services and hosting server system itself. In a Web Application Vulnerability Assessment, which is a cost effective alternative to a Web Application Penetration Test, we only report on the flaws without actively exploiting them.
Mobile Application Penetration Testing
Hardly any market is growing faster than mobile applications. This service covers all threat vectors concerning Mobile Apps. The audits contain Application Runtime Analysis, Traffic & Encryption flaws, Insecure Storage, Code Signing, Memory Protections, Fuzzing and Exploitation. We will test your Android and iPhone mobile applications to make sure they cannot be compromised. We can also include backend servers, communication channels and APIs in the testing.
Wireless Penetration Testing
WiFi is no longer just a “nice to have” but has become a mission critical component to many businesses. The Wireless Penetration Testing service covers all threat vectors of Wireless Networks. Our audits contain attempts to crack Wireless Encryption and Authentication mechanisms, include the set up of rogue access points along with test phishing portals, a variety of man-in-the-middle (MITM) attacks, Denial of Service Testing and Bluetooth Security tests.
Social Engineering Services
Often Security is breached despite the fact that the latest perimeter defenses are in place. Why? An employee may simply plug a USB stick in, which claims to contain Amazon vouchers. Or the users brought their own infected device into the corporate network, clicked on a malicious PDF or simple visited a malware website as he/she thought the email instruction to click on that link came from the manager. Could your staff be tricked that way? Our Social Engineering services can find out.
Download Flyer and Sample Reports
1. BONGO-SECURITY-FLYER
2. BONGO-SECURITY-PENETRATION-TESTING-SAMPLE-REPORT