- Building inspection
- Fire alarms system testing
- Household appliances
- Installation materials
- Industrial machinery
- IT & audio video
- Laboratory, test & measurement
- Lighting equipment
- Maritime, oil & gas
- Medical & healthcare equipment
- Military & aerospace product testing
- Wireless & telecom
You don’t know how well your system is protected before someone tries to access it.
What is penetration testing?
Penetration testing is often referred to as ‘ethical hacking’ or ‘white-hat hacking’. Performing a penetration test (pen test) on a system or software means simulating an attack by trying to access the system in the same way a hacker would.
When we perform a penetration testing, we try to enter your system and/or steal information being transferred by the system to test how easy or difficult it is – and hereby identify the vulnerabilities.
Why is penetration testing important?
A pen test helps make sure your system is safe from hackers and hereby saves your business valuable time and money that a malicious attack might have cost you.
It also gives you an overview of the security status of your networks. Computers are complicated and things move at a speed where system vulnerabilities can easily arise without anyone being aware of it
Nemko can help you close the weaknesses
Our team of cyber security experts can advice you on how to close the weaknesses in your systems by simulating a hacker attack and exploiting any vulnerabilities they come across to get an in-depth analysis of your system’s security. This can be done from the inside or as an attempt to get in. It can be performed once or on a regular basis.
Currently we only offer penetration testing on Android and iOS applications, but we are working on providing the service for other systems soon.
Other network safety services Nemko can support you on
An automated vulnerability scan checks for insecure settings and configurations, out of date software etc. but does not simulate an actual hacker attack (as a penetration test does). Vulnerability scans are therefore cheaper to do than penetration testing. It can be performed on servers and, Android and iOS applications.
This is a quicker and cheaper way than penetration testing to increase the security of your servers.
Hardening is to reduce the vulnerabilities of a system by making it harder for an attacker to gain access. The principle behind hardening is to reduce the attack surface and therefor eliminating possible entryways for attackers. This can be done by patching vulnerabilities and making sure everything is configured correctly.
We can assist in checking that CIS (Center for Internet Security) guidelines have been followed.
Hardening can be performed in connection with a vulnerability scan.
As part of the ETSI certification we perform security evaluations which provides you with suggestions on how to improve the security of software and system.
Which network safety service is best for your company?
Frequent vulnerability scans are essential for your business to stay secure. As new vulnerabilities are found every day, a vulnerability scan should be conducted regularly and more frequently than a pen test. They should be conducted at least quarterly, and after any significant change. A vulnerability scan does not actively patch vulnerabilities, but generates a report on the vulnerabilities that are detected.
Hardening and verification of hardening settings can be included in a vulnerability scan. This is a quicker and cheaper way to increase the security of your systems than a penetration test. However, hardening and vulnerability scans are not as in-depth as a pen test, and may not produce the same level of results.
Pen testing is the most in-depth approach to securing your systems and it is therefore more effective than a vulnerability scan but it takes more time and has a higher cost. A pen test should be conducted annually.
If you are uncertain whether you need a vulnerability scan or pen test, contact us and we will help you find the solution that is suited to your needs.
Cyber security required for CE-marking
Watch this webinar to get an introduction to the new EU Cyber Resilience Act as well as an easy-to-understand update on the cyber security requirements in the Radio Equipment Directive (RED).Watch webinar