Service
Simulated hacking service
Simulated hacking service
This service diagnoses website security vulnerabilities and external attacks quickly and accurately by utilizing automated scanner tools.
We safely protect your services and information assets from internal and external attacks by removing security vulnerabilities derived from web vulnerability diagnosis in advance.
We report on the possibility of customer information assets and personal information leakage through simulated hacking diagnosis such as scenario-based information collection and vulnerability detection.
Key Features
-
Environmental Analysis
- Collect information from your website to provide a SiteMap of your site structure.
- Provides information on programming languages and software versions used in web solutions
-
Web vulnerability diagnosis
- Vulnerability assessment for real external attacks, including major vulnerabilities in OWASP Top 10
- Diagnosis and provision of guidance on evaluation items for technical vulnerability analysis of major information and communication infrastructure
-
Various diagnoses
- Actual manual reproducibility and demonstration of exploits against vulnerabilities
- Providing efficient and accurate diagnosis through automatic diagnosis
-
Report
- Provision of reports on diagnosis contents/diagnosis results/action guides through Koreanized reports and separate provision of vulnerability basis data
Procedure
-
Planning
- Scope and schedule coordination
- Discuss details
- Environmental Survey
-
Perform analysis
- Environmental Analysis
- System Analysis
- Application Analysis
-
Diagnostic Consulting
- Collecting overall vulnerability information (including automatic diagnosis)
- Perform web vulnerability diagnosis using diagnostic tools
- Check web vulnerability diagnosis results
-
Results Analysis Report
- Analysis Report
- Diagnostic Summary
Introduction effect
-
Professionalism
- Establishing an optimal diagnosis plan through pre-environment analysis and improving the level of information protection through the know-how of a vulnerability diagnosis company for 18 years
-
Security
- Responding to internal and external threats through information leak prevention and vulnerability measures
- Simulated hacking at each stage through an appropriate diagnostic method
Providing stable service by minimizing the impact
-
Image Enhancement
- Increase customer trust by providing stable service
- Compliance with domestic and international legal regulations through personal information protection and preemptive response to hacking (major information and communication infrastructure, National Intelligence Service, Ministry of Education, Financial Supervisory Service, OWASP TOP 10, etc.)
Simulated Hacking Diagnostic Goals
Through advance preparation and customer cooperation
Stable support of mock hacking service
-
Through environmental and performance principles
Minimize service impact
-
Experience-based
Establishing a dedicated organization
-
Through prior cooperation of the member companies subject to diagnosis
Administrative Backup
-
Minimize service impact
- Before conducting a mock hacking, sufficient advance notice is given and the scope of diagnosis is discussed with the customer.
- Within member organizations, identify service importance and then perform inspections
- Excluding inspections that pose a risk of failure of the operating system and network, DoS (denial of service), DDoS (distributed denial of service) attacks, etc.
- Temporary attack codes (Exploit Codes) created through vulnerability checks are deleted from the server when the check is completed.
- Notify the person in charge before performing a vulnerability check and perform a web vulnerability diagnosis.
- Diagnose using a test account (Guest account) for each inspection target, and use the administrator account (if it exists) only when necessary.
-
Procedural Backup
- In order to respond to issues and impacts on services due to mock hacking, we will establish a procedural process for recovery with the company in advance and consult with them in advance.
-
- TOP