WEB APPLICATION / DESKTOP
(FAT CLIENT) PENETRATION TESTS

Checking the resistance of web applications / desktop (fat client) against security breaches and cyberattacks by conducting comprehensive tests compliant with: OWASP TOP 10 / OWASP ASVS / PCI DSS.
Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCE, OSCP, OSWE, OSEE, CISSP, CISA.

Risk estimation according to CVSS

MOBILE APPLICATION PENETRATION TESTS

Checking the resistance of mobile applications against security breaches and cyberattacks by conducting comprehensive tests compliant with: OWASP Mobile TOP 10 / OWASP MASVS.

Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCE, OSCP, OSWE, OSEE, CISSP, CISA.

Risk estimation according to CVSS

API PENETRATION
TESTS / WEBSERVICES

Checking the resistance of API/ WebServices against security breaches and cyberattacks by conducting comprehensive tests compliant with: OWASP TOP 10 / OWASP ASVS / PCI DSS.

Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCE, OSCP, OSWE, OSEE, CISSP, CISA.

Risk estimation according to CVSS

INFRASTRUCTURE PENETRATION TESTS

Checking the resistance of the infrastructure (web, proxy and database servers, LAN, WAN, Wi-Fi, network devices, IoT and other) against security breaches and cyberattacks by performing comprehensive tests compliant with OSSTMM/PTES.

Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OPST, OPSE, OPSA, OSCP, OSCE.

Risk estimation according to CVSS

DDOS TESTS

Checking the resistance of applications or the infrastructure to cyberattacks aimed at freezing or crashing the application or the infrastructure by performing comprehensive tests compliant with NIST standards.


Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCE, OSCP, OSWE, OSEE, CISSP, CISA.

Risk estimation according to CVSS

RED TEAM

Checking the resistance of the organisation (people, systems, physical safeguards, procedures) against security breaches and cyberattacks by using different techniques, such as penetration tests or social engineering tests.


Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, CPTE, OSCP, OSCE.

Risk estimation according to CVSS

SECURITY CONFIGURATION AUDIT

Checking the correctness of the security settings of applications or the infrastructure (web, proxy, database servers, LAN, WAN, Wi-Fi, network devices, IoT etc.) in accordance with CIS Benchmark, NIST, STIG.
Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCE, OSCP, OSWE, OSEE, CISSP, CISA.

Risk estimation according to CVSS

SOURCE CODE AUDIT (WHITE-BOX)

Checking security of applications by performing comprehensive analysis of the code.



Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCE, OSCP, OSWE, OSEE, CISSP, CISA.

Risk estimation according to CVSS

COMPREHENSIVE CYBERATTACK PROTECTION (BLUE TEAM)

Provision of protection to an organisation (people, systems, physical safeguards, procedures) against security breaches and various attacks.



Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, OSCP, OSCE.

SOCIAL ENGINEERING TESTS

Checking the employees' security awareness by conducting comprehensive attempts to obtain confidential information (e.g. phishing, phone calls or entry on the company premises) or attempts to persuade personnel to engage in activities which contradict the principles of security (e.g. through phishing).

Performed by experienced, professional security engineers, who hold numerous certificates, such as CEH, CPTE, OSCP, OSCE.

POST-BREACH ANALYSIS

Determination of the perpetrators and/or consequences and scope of a breach by analysing traces of the breach, collecting evidence and implementing mechanisms minimising the risk of future breaches.



Performed by experienced, professional security engineers, who have been awarded numerous certificates, such as CHFI, CEH, CPTE, OSCP, OSCE.

TRAINING

Increasing the level of knowledge and awareness of security through practical workshops and training sessions raising security awareness and providing knowledge about current types of cyberattacks.



Conducted by experienced, professional trainers.

Benefits

• Increasing the level of security of data processed in IT systems.
• Minimising the risk of security breaches and successful cyberattacks.
• Detecting current vulnerabilities, loopholes, errors in software and systems before they are detected by cybercriminals.
• Practical, implementable and cost-efficient recommendations (quick wins).
• Compliance with international norms and standards (ISO 27001, OWASP, OSSTMM, PCI DSS).
• Avoiding financial losses, reputational damage and legal consequences.

Facts

120 clients
11 years of experience in the market
300 penetration tests / year
80 % of manual tests

Contact our expert – call +48 508 018 340

Reference

Team

Our professional security engineers hold numerous certificates, such as CEH, CompTIA Security, CISSP, CISA, CISM, CCNA, CCNP, CNDA, CPT, CPTE, CRISC, GPEN, ITIL, LPT, MCSA, OSCE, OSCP, OPST, OPSE.

 

Contact us!




 
 

 

Do you have a question?
Do you need an offer?

Optima Partners Sp. z o.o. Sp. k.

 

ul. Gintrowskiego 53
02-697 Warszawa
tel./fax +48 22 395 51 87

 
Kontakt