Request a permeability test
With the increase in the use of information exchange space, the issue of security in this space should be considered more than in the past. This space is exposed to various challenges, damages and threats, such as destruction of databases, attacks disrupting services, eavesdropping, vandalism, violation of privacy, etc. . Therefore, it is more important to conduct security evaluation of services and products that are to be offered in public spaces such as the Internet.
Cert Center of Shahrood University of Technology has created a comprehensive, efficient and agile framework for evaluation and penetration testing of applications using the advantages of standards in the field of software security and penetration testing. So that it evaluates the security and identifies the vulnerabilities of the application with sufficient precision and uses the obtained information in the direction of the penetration test and achieving the desired goals. In this approach, after determining the level of evaluation and testing, dimensions, receiving the required information and agreeing on the desired goals of the employer, the testing team conducts the penetration test in the designated area.
Security assessment or Penetration Testing is an authorized, planned and systematic act to evaluate the security of a network (including active and passive network equipment, servers, clients, applications, etc.) through simulating the attack of a hacker or intruder. Takes. All security experts in the field of information technology believe that the only way to ensure the security of computer networks and communication infrastructures and Internet systems is to perform security assessment operations (penetration testing).
Security evaluation is one of the main activities of this center, and there is a team called the evaluation team in the technical and operation unit of this center. Three categories of activities are performed by the members of the evaluation team in the technical and operation unit of this center:
Infrastructure assessment: This activity includes checking the settings of hardware, software, routers, firewalls, servers and desktop systems to ensure that these settings are in accordance with the organization’s policies and standard settings.
penetration test: In this activity, the security of an organization is investigated and evaluated by carrying out designed attacks on systems and networks in order to identify vulnerable points. Before conducting the penetration test, it is necessary to obtain the approval of the organization’s management because some of these tests may be prohibited by the organization:
- Security assessment and penetration testing of mobile applications
- Security assessment and penetration testing of software and services
- Penetration testing of web applications
- Security assessment and penetration testing of software and services
Scanning: In this activity, virus or vulnerability scanning tools are used to detect infected or vulnerable systems or networks.
To place an order, contact us through the following link: