(Internal / External)
(Internal / External)
BugSec is considered one of the leading companies in the field of cyber security, and is proud to have the largest offensive security division in Israel performing offensive security services.
One of our main services in the Offensive Security Division, is the execution of various levels of penetration tests for customers around the world. We offer a wide variety of penetration tests types, from the external attacker with Black-Box scenario that threats the open to the world opportunities. The Gray-Box scenario, that assumes the attacker gained access to the system, and maps all the possible ways he can become a threat. To the internal threat that can identify all design, code and structure vulnerability.
BugSec’s penetration tests is meant to test and identify key aspects of a customer’s environment for flaws that could be taken advantage by a malicious attacker.
BugSec differentiates itself from the competition by mainly using our own tools built by the vast experience and knowledge of our experts. Our penetration tests use both in house developed automated tools, as well as the experience and tools of our experts.
Back To Core Services
BugSec is considered one of the leading audit and consultancy companies in the field of cyber security.
One of our main services in the Offensive Security Division, is the performance and execution of various levels of Penetration Tests for various companies around the world.
Our penetration tests use both automated tools, as well as the experience and manual tools of our experts.
BugSec has the largest offensive security division in Israel, with more than 50 ethical hackers performing offensive security services.
The purpose of BugSec’s penetration tests is to find as much vulnerabilities as possible on the customer’s side.
BugSec’s penetration test service can be both external and internal.
For the external penetration tests, we perform the tests remotely and use only the existing web services of the company in order to check how and from where a potential hacker could attack the company. All these potential points of entry are considered vulnerabilities and are marked with different levels of risks.
For the internal penetration tests, we position ourselves within the organization’s internal network and try to check how and from where a potential hacker, who is situated within the organization’s internal network, could attack the company and cause major damage in its operational activities.
Our External Penetration Tests Service is different from our External Takeover Service, as the External Takeover not only tries to find the vulnerabilities of how and from where to attack the organization, but also tries to reach a certain point within the organization from where the hacker could take full control over the entire organization.
Our Internal Penetration Test is similar as our Internal Network Takeover Service as both of them verify how a hacker, by being located inside the organization’s internal network, can cause a much damage as possible.
BugSec’s penetration test services can be performed as black box, grey box or white box – As black box, the customer doesn’t give us any advanced info on the company, except its name. We do all the research ourselves and try to penetrate the organization by only using the information we managed to obtain by ourselves.
As grey box, the customer gives us some advance information, such as their website, their domain, usernames, etc. We use this information in order to penetrate the organization and fill-in the gaps with information that we look for ourselves.
As white box, the organization that requests from us to do the penetration test, provides us with all the information necessary, including the system codes and no research for extra information is required by us in order to perform the service.
BugSec differentiates itself from the competition by mainly using manual tools, as well as the experience and knowledge of our experts.
The existing automated tools on the market are only used in order to facilitate the scanning itself, but the conclusions are mostly based on our expertise of thousands of penetration tests already performed for a multitude of customers, in various market segments, all around the world.