Latest News
- PCI compliance may be bitter pill to swallow, but it's for merchants' own good
- Google's financial incentives for vulnerability detection will be welcomed, but it may attract money-motivated non-technical people
- Credit card fraud expected to rise at Christmas
- BBC disability site detected as being vulnerable to a cross site scripting attack
- Organisations struggle to understand PCI DSS, call centre compliance
Click here to see more news.
Vulnerabilities
Click here to see more of ProCheckUp's published vulnerabilities.
Infrastructure Testing
An external infrastructure penetration test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source. The intent of a penetration test is to determine feasibility of an attack and the amount of business impact of a successful exploit, if discovered.
Our testers will target your external and internal infrastructure involving an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.
Our testers evaluate the threat level of the assigned targets and on a full infrastructure test ProCheckUp will go on site to access equipment, applications and internal networks. From this we will perform an infrastructure test.
A small example of areas to be considered for an infrastructure test:
- Servers
- Miscellaneous embedded devices
- Intranet
- VoIP
The following are some examples of possible locations for the network connection provided to ProCheckUp in order to perform the penetration test:
- Meeting room
- Employee's desktop
- Server room
- From a partner network where traffic can be routed to the customer's network
As with most of ProCheckUp testing the test is a combination of an automated scan and manual testers using penetration testing and in some cases elements of social engineering.