Web and Mobile Applications Testing
The tests are based on the Open Web Application Security Project (OWASP) Testing Guide, using automated and manual methods to discover commonly found vulnerabilities in mobile and web applications. The tests cover both client and server sides, including web services and APIs.
IT Infrastructure Testing
The tests examine cyber-security topics that are related to infrastructure (e.g., computers, network devices, security devices, etc.) and based on Mitre’s ATT&CK matrix and on PETS Technical Guidelines. The tests can be originated both from internal and external networks towards the cloud, wireless, Ethernet, and remote access networks.
Breach and Attack Simulation
We manually simulate sophisticated cyber-attacks according to the Cyber Kill-Chain when adversaries deliver malware to evade detection and establish an Advanced Persistent Threat (APT) on the system. The adversary can then move laterally, collect sensitive data, and exfiltrate it. This advanced simulation tests the orchestration of cyber-security controls to mitigate APTs.