Description
The process of evaluating the current security state Assets to find vulnerabilities that an attacker could exploit to gain unauthorized access to systems and information.
Scope
Phase 1
• Information gathering
• Manual Assessment
• Threat model
• Identify Gaps and risk
• Vulnerability Scanning
• Attack methods preparation
• Threat/Attack impact analysis
Phase 2
• Custom Script analysis
• Exploits analysis
• Exploitation & Post Exploitation
Deliverables
Technical report, attack/vulnerability impact with mitigations guidelines/recommendations, revalidation test (if required), advisory
Reviews
There are no reviews yet.