Penetration tests allow security vulnerabilities to be discovered from the perspective of a potential attacker and allow an in depth review of the vulnerabilities to your information assets and IT infrastructure. Such tests go beyond a vulnerability assessment in that a fuller exploration of vulnerabilities and how they can be exploited is undertaken.
In addition to network and system security vulnerabilities, other areas can be tested such as the risk of social engineering on employees, web application security, processes that allow an increased risk of fraud, sensitive information exposure on the internet and the physical security measures in place.
Penetration tests allow a company to not only fulfil regulatory and legal requirements, for instance ISO 27001, but also add value to the services companies offer. Customers are much more likely to have increased confidence in a product or service that takes security seriously.
We have strict security controls on our tester systems and servers which all conform to the latest security standards. We are audited regularly by internal and external audits and have ISO 27001 accredited processes and controls around safeguarding a client’s sensitive data.
Regency is a CREST authorised Certification Body and conducts verification and technical testing in accordance with CREST methodology and guidelines. CREST is an international, not for profit, organisation that serves the needs of the technical information security marketplace that requires the services of a regulated professional services industry.