Loading, please wait

For more information and support on COVID-19 please visit www.sacoronavirus.co.za.

Penetration Testing

In today’s digital age, businesses are becoming more reliant on Online and Cloud services to interface with customers and provide products to the public. As a result, the rewards for people who can compromise such organisations digital security are seeing similar increases.

Not only are threats increasing daily, but they are becoming more dynamic in their complexity. This can leave defence technologies exposed – technologies which are, by nature, more static and less dynamic than the threats they face. For this reason, regular penetration tests are essential to any organisations defensive arsenal.

  • We align our methodology with the Open Web Application Security Project (OWASP) testing guide
  • Our testing phases involve information gathering, administrative interface evaluation and security analysis.
  • We conduct Authentication and Access Control, Configuration Management, Input Validation, Parameter Manipulation, Session Management and Business Logic.

Discover exploitable vulnerabilities and the dangers to your business before a hacker does. Our Penetration Testing service offering is designed to safeguard your business and important information before it’s too late.

How It Works

Features and Benefits

  • Gathering Publicly Available Information

    Researching the environment using publicly available Data sources (such as search engines and websites) while mapping out the public footprint and pointing out areas of concern.

  • Network Scanning

    Performing automated sweeps of IP addresses from systems provided and/or discovered, both on-network and off-network.

  • System Profiling

    Identification of the operating system and version numbers operating on the system to focus on subsequent tests.

  • Service Profiling

    Identification of the services and applications, as well as their version numbers operating on the system. This allows for further focus testing on vulnerabilities associated with the identified services discovered.

  • Vulnerability Identification, Validation and Exploitation

    Potential vulnerabilities or control weaknesses applicable to the system are researched, tested and identified. Once these vulnerabilities are identified, they must be validated to minimise errors and false reports which involve attempts to exploit the vulnerability.

  • Privilege Escalation

    Should exploitation of vulnerability be successful, attempts are made to escalate the privileges and obtain “complete control” of the system.

Frequently Asked Questions

A Penetration Test is offered by a Security Expert trained to identify and document potential issues in an environment. This report can help identify exploitable vulnerabilities before a real attacker can use them.

Vox offers Standard Blackbox, Standard Greybox, Standard Whitebox penetration tests as well as Web Application, API, PCI-DSS and Social Engineering testing.

Yes – penetration testing can be tailored to a clients specific needs.

A report of findings is delivered and Vox can consult on how remediation can be done these.

Vox offers a monthly PenTest service with a full scan and report monthly to maintain a good security posture.

Content Hub

Vox 4 Thought
Every Company’s Cyber Security Must-Haves
These four elements are non-negotiable when it comes to keeping your business safe from cyber harm. We’ve optimised them even further.
Vox Level 1 Security Offering Defence Against Ransomware | Vox Cyber Security | illustration png
Vox 4 Thought
It’s Time to Get Proactive About Data Protection
Knowing where your data is stored and who has access to it is absolutely crucial for doing business in the age of data privacy regulation.
Data Privacy Regulation | Vox Security Level 3 | Vox Cyber Security | computer screen image

Other Recommended Products

Vox Cybersecurity Portal Vox Cybersecurity Portal

As cybercrime increases both in South Africa and across the world, it is becoming incre...

Find out more

Backup Backup

If you are a small business or a large enterprise, anything that compromises your data ...

Find out more

Please include an “@” in the email address. “joesoap.co.za is missing an ”@”.

Show Incorrect password

Forgot your password?

Lost your password? Please enter your email address. You will receive a link to create a new password.

Error message here!

Back to log-in