Introduction
滲透測試是一種模擬真實駭客攻擊的安全檢查方式,由滲透測試人員以攻擊者的角度,針對系統、網站或應用程式進行有計畫的入侵測試,其目的是在不造成實際損害的前提下,找出潛在可利用的漏洞,協助企業在攻擊發生前,將漏洞預先修補。
Service Advantages
-
01
Simulate attack methods of hackers manually to identify vulnerabilities in the technical aspect, program process aspect, and logical aspect, with obtaining system control permissions as the ultimate goal.
-
02
When dealing with the protection of the program code end, manual testing has become an advantage by using flexible attack methods to bypass the protection measures designed for the program.
-
03
Able to test non-immediate, time-sensitive, and cross-platform vulnerabilities.
-
04
The tests are in accordance with the international standards: NIST SP 800-115 – Technical Guide to Information Security Testing and Assessment, OSSTMM (The Open Source Security Testing Methodology Manual, third edition), and the penetration testing methodology OWASP Testing Guide v4.2.
Penetration Test Project Process
