Penetration Testing

Our security audits and penetration tests have a methodological approach and a process specific to the perimeter: testing servers from the Internet, testing infrastructures from the internal network or WiFi network, testing smartphones, testing websites (intranet, extranet, shopping websites)...

A clear and detailed audit report is written after the penetration tests, which mentions the upsides as well as our recommandations to solve the potential issues. The restitution of our findings can be done in your premises and consists of the following:

  • a technical restitution, which details the vulnerabilities and allows a technical discussion about the remediation plan
  • a managerial restitution, which gives a business vision of the vulnerabilities impacts and presents the global improvement axes

We can audit your web applications, but also:

  • entire networks
  • buildings and security procedures via red team audits (social engineering, physical intrusion...)
  • internal networks (Windows, UNIX, Active Directory...)
  • mobile applications

Our methodology

Before the penetration testing, we define the perimeter of the audit with you. It can be your company website, specific web applications, a group of devices, an IP range, physical buildings...

We also define the level of information that our consultants have when they begin the audit: black-box (no information at all), grey box (partial informations, like a standard user's credentials) or white box (source code of the application, or an administrator's credentials).

The AlgoSecure bonuses

Our quality methodological approach offers:

  • Quality understandable reports manually written
  • The complementary look of two engineers
  • Manual analysis, vital in order to complete automatic scans
  • Advices and clear remedial actions
  • A restitution in your premises to allow discussions with your technical and non-technical teams