Hitachi

U.S.A.

Hitachi Group Global Network

Americas

Asia

Europe

Middle East and Africa

Oceania

Close

Penetration Testing
You are here: Home \ Professional Services \ Penetration Testing

Penetration Testing

Penetration or intrusion tests simulate a real attack against your infrastructure in a controlled environment, allowing our certified consultants to evaluate your system’s capacity and provide you with recommendations on how to improve your defense against technological vulnerabilities that can lead to intrusions, fraud and service interruptions.

E-Book: Thinking Like Your Enemy Yields World-Class Security

Download Penetration Testing: Think Like Your Enemy

Want us to test your network security? Request a free quote:


Penetration testing (also called “pentesting”) includes network penetration testing, social engineeringapplication assessment as well as controls and processes around the networks and applications. This should occur from both outside and inside the network. Hitachi Systems Security utilizes components from several different testing frameworks including:

OWASP

Open Web Application Security Project

PTES

Penetration Testing Executive Standards

OSSTM

Open Source Security Testing Methodology

ISO 27001 / COBIT

Control Frameworks such as: ISO 27001 and Control Objectives for Information and Related Technology

TOGAF

Architecture Models such as The Open Group Architecture Framework

Added Value

Hitachi Systems Security’s penetration tests are carried out employing the same techniques as an attacker located outside your infrastructure and verify, without revealing too much information on your environment, if your servers or applications will resist hostile attacks, and if the identified vulnerabilities can lead to further intrusion and exploitation.

A pentest will help you:

Protect your Corporate and Customer Information

regulations

Comply with Industry and Government Regulations

integrity

Preserve your Organization’s Integrity and Reputation

Benefits

Hitachi Systems Security’s penetration testing service protects your business and provides many benefits, including:

  • Manage Vulnerabilities Using Greater Intelligence

    Understand your vulnerabilities by gaining insights into why they occur and how to remove them. Analyze and rank exploitable weaknesses based on their potential impact and likelihood of occurrence.

  • Reduce Costs Associated with Network Downtime

    Avoid network downtime and the costs associated to it by discovering vulnerabilities and eliminating them.

  • Preserve Corporate Image and Customer Loyalty

    Any downtime or missteps can be harmful to an organization’s image. Penetration testing finds vulnerabilities before they become problems.

  • Improved Compliance

    Ensure you are in compliance with customer and shareholder requirements, regulations and standards. We can help you comply with major regulations such as SOX, PCI, NERC/ CIP, SAS70/SSAE16, HIPAA, ISO, and more.

Steps Performed During a Penetration Test

null
null

Step 1

Intelligence Gathering and Reconnaissance. We will discover vulnerabilities in the target client systems and investigate methods to attack those vulnerabilities.

null
null

Step 2

Conducting attacks against the given vulnerabilities.

null
null

Step 3

Establishing deeper control over the compromised assets.

null
null

Step 4

Erasing evidence of the attack through system logs, firewall entries and any other traceable records.

null
null

Step 5

Pivoting control to other assets and systems deeper within the client infrastructure.

null
null

Step 6

Finding and retrieving valuable information from the client systems, e.g. PCI data, client records or sensitive information of other types, alternatively disrupting client services or denying control of the assets, as defined by client need.

null
null

Step 7

Producing detailed written reports that catalogue all activities undertaken, describe the methods and the results and explain the necessary remediation efforts.

When to Perform a Pentest

Many organizations will conduct a penetration test because they may suspect or know that they have already been hacked and now want to find out more about the threats to their systems in order to reduce the risk additional attacks. Conversely, an organization may also be proactive and want to know in advance about any threats that face their organization as a whole or a new system before it goes live.

Talk to a security specialist

Protect your business today

Deliverables

The final result of a penetration test is a detailed report, including all test findings as well as the necessary countermeasures and recommendations to secure your IT infrastructure. The report documents the following elements:

The security level of the servers as perceived by an attacker.

security-levels

The security breaches, vulnerabilities, as well as countermeasures and corrective actions to be applied.

lists

All testing activities and raw scan data are also provided alongside the final deliverable as report appendixes and supporting documents.

Webinars on Demand: Learning How Hackers Hack

In this webinar you will learn:

  • What does a world class penetration test involve?
  • The 6 essential elements of a penetration test
  • The 6 benefits of a penetration test