evince now offers a Penetration Testing service. This is an ethical hacking proposition whereby we will (with permission of the client) undertake to hack the required site/s or server/s and provide a report on the attempt and whether any vulnerabilities have been uncovered, and our recommended mitigation action.
When we provide this service we ask that the client doesn’t let on to the host and/or other developers that a Pen Test is going to happen, so that we get a real world test in which the relevant parties are unaware and haven’t modified / tightened any security (based on incoming attacks) that should have probably already been in place.
No downtime will occur, we undertake a completely ethical and white hat penetration test. No private data will be taken or and nothing malicious will be implanted, all we do is to probe the defences and find the weaknesses before someone with malicious intentions does.
A certified Pen Test from a specialist Penetration Test company can cost many thousands of pounds. What we offer is a package for SMEs who can’t afford £10,000+ for a pen test, but would still like to have an amount of professional assurance that their site is safe. Depending on the exact requirements a simple pen test will take between 2 and 5 days, therefore the cost is between £500 – £1500 (depending on the exact circumstances). Our penetration test can include penetration attempts using: cross site scripting (XSS), SQL Injection, code injection, social engineering, as well as server, wifi and network level vulnerabilities.
evince has experience with mitigating malicious hack attempts from the perspective of securing websites that we build. A natural progression to that is to offer this proactive service to help tighten security.
A data breach can be extremely expensive, don’t get caught out. Be proactive and talk to us about a custom Penetration test to ascertain if there are any whole to your security. Without doing a Real World test you’ll never know!