Infrastructure penetration testing is a simulated cyber attack that is conducted by ethical hackers to assess the security of an organization’s IT systems and networks. It is used to identify vulnerabilities and weaknesses in the infrastructure that could be exploited by malicious actors and to recommend remediation measures to improve the overall security posture. The testing covers a range of areas including network devices, servers, applications, and operating systems, and often involves using a combination of manual and automated techniques to uncover potential security risks. This type of testing is crucial for organizations to stay ahead of emerging security threats and to maintain the confidentiality, integrity, and availability of their critical assets.
The objective of infrastructure penetration testing is to identify security vulnerabilities in an organization’s IT systems and networks and to provide recommendations for remediation to improve the overall security posture.
In this activity, IT Security C&T will conduct a technical assessment against Customer IP Addresses to identify the weakness in the targeted system as well as the potential threats applicable. This will also raise organizational awareness of the likelihood and possible impact of attacks against Customer’s systems.
The following activities will be performed during this phase:
Exploitation Attempt: Once exploitable vulnerabilities are identified, hacking scenarios will be developed and PT team will coordinate with Customer regarding schedule/ methods of applying these scenarios on the production environment; taking into consideration the effect on Customer business operation.