Penetration Testing Services

ReactionIS offer the full range of penetration testing services including network and web application penetration testing.


Security Testing and Penetration Testing Services

Reaction Information Security provide end-to-end penetration testing services covering all types of systems, networks, databases and applications. The services we can offer include:

Network Penetration Testing Services

ReactionIS test all types of networks including external, internal, DMZ and wireless. We commonly see vulnerabilities of the following types: default login accounts or weak passwords, buffer overflows and format string attacks, vulnerable web server software, insecure database services, weak remote administration services, unencrypted network services, vulnerable network services and potential for Denial of Service attacks.

Web Application Testing Services

Web application penetration testing ensures that your websites and web applications are protected from hackers and malicous users. Our web application penetration testing methodology is broadly aligned with the OWASP (Open Web Application Security Project) methodology and we commonly find security flaws in web applications including SQL injection, Cross-Site Scripting, broken authentication and session management, insecure encryption implementation and potentially dangerous redirects and forwards amongst others.

Security Build Review

Security build reviews aim to identify weaknesses in the setup and configuration of a host which might not otherwise be detected from a network level examination. The consultant uses allocated credentials to interrogate the host from a logged in perspective and we frequently find security vulnerabilities in the following areas - file permissions, weak user accounts, registry settings, patches and update mechanisms, vulnerable installed software and logging and auditing amongst others.

Firewall Testing Services

Firewall rulebase reviews allow the consultant to analyse traffic flows through the firewall to key network areas and hosts. At worst, a mis-configured firewall could allow unauthorised access into the corporate network. Firewall reviews often uncover unencrypted communications protocols in use, obsolete rules, conflicting rules, inappropriate rules and insufficient rule documentation all of which could lead to unauthorised access. We also perform black box testing on firewalls to assess firewall restrictions from the perspective of an anonymous user.

Social Engineering Exercises

We commonly carrying out social engineering tests for our clients and often uncover weaknesses in defences when using the human approach. We offer trojan USB stick scattering exercises, email phishing attacks, information gathering, information extraction using anonymous phone call enquiries and physical security audits.

VoIP Penetration Testing

VoIP (Voice over IP) and Internet telephony has redefined communications services in the enterprise, and is now in widespead use due to its low costs and bandwidth efficiency. However, this concept introduces risks that have been prevalent since the inception of VoIP which often only in-depth penetration testing can reveal.

Get a Quote Online

Submit your testing requirements online and one of the team will get right back to you.

Network Penetration Testing

Find security flaws in your networks before hackers do.

Read more

Penetration Testing Services

Firewall reviews, database audits, code reviews, social engineering and more..

Web Application Security

Ensure your web and mobile apps are safe from attack.

Read more