Penetration Testing and Vulnerability Assessment run by the elttam team

The truth is

Penetration testing is more complicated and broad than what has been traditionally understood in the Australian market. A test can be as basic as an evaluation of software version numbers and their patch levels, or as comprehensive as leveraging skilled teams to simulate real-world attacks against all technology stacks and business processes.

To find a right strategy for you, it's important to know your security objective and requirements. You need to have a clear picture of why and what you want security assessed.

As many in the industry would agree, Penetration testing is limited to the allocated time and budget and there is no penetration testing project that can discover all possible vulnerabilities. Therefore the experience of the security tester becomes crucial for timely identification of security issues, prioritising the coverage of testing and communicating the results in an effective and clear manner.

At elttam, your penetration testing project is delivered by a reputable team of security professionals who have decades of experience delivering security assessments. We assist you to uncover the real needs and tangible objectives for your security assessment project. We then guide you through every identified security vulnerability and make sure our remediation guidance is both practical and cost-effective.

Our methodology®

Sit with you to clearly understand your needs, business objectives and review relevant documentation and prior test results. The goal is to have a clear picture of the project, rules of engagement and limitations.

Phase 1
Requirements

Perform active and passive reconnaissance activities to gather actionable intelligence. The goal is to determine entry points to the environment and map out the attack surface.

Phase 2
Reconnaissance

Based on our reconnassance we design tailored test-cases and attack vectors. This phase is both intuitive and analytical and we leverage on our extensive experience.

Phase 3
Test-case

Manual and semi-automated tests are executed based on the test-cases. The outcome of each test-case is captured, validated and peer reviewed.

Phase 4
Testing

The impact of the identified security vulnerabilities is examined and measured. Security findings are assigned a risk rating considering the context of the environment.

Phase 5
Exploitation

A comprehensive report and any output from tools are delivered to you. We walk you through each finding and make sure the recommendations are clear and practical. Job done!
Contact us to receive the full detail of our methodology.

Phase 6
Reporting

Our expertise

Our team have performed thousands of Penetration Tests and Vulnerability Assessments against many platforms.

Mobile & Web applications

Android, iOS, Windows Mobile and off-the-shelf applications

Microsoft

Active Directory, Exchange Server, Sharepoint, Business Intelligence (SSRS, APS, SSAS, ...)

SQL & NoSQL databases

Oracle, SQL Server, DB2, MySQL, PostgreSQL, ElasticSearch, MongoDB, Cassandra, Sybase ASE

Cloud, Network & Wireless

Infrastructure as a Service (IaaS), LAN, VPNs, 802.11 networks

Thick client and Firmware

Desktop clients, Firmware, and other client applications.

Red teaming

An exhaustive security test and exploitation against a target

Why elttam?

A structured methodology built on proven best-practices (CAPEC, OWASP, OSSTMM)

A team with an established reputation and over a decade of experience

Tailored security services to fit any project or business

Providing services to global software companies and ASX listed enterprises

Made in Australia!

Contact us

Let's talk



Email us

hellome@elttam.com.au

PGP public key

Sydney

Suite 3, Level 27, 1 Farrer Place, Sydney 2000, NSW

Suite 3, Level 27, 1 Farrer Place, Sydney

(+61) 02 8004 5952


Melbourne

Suite 504, 365 Little Collins Street, Melbourne 3000, Victoria

Suite 504, 365 Little Collins Street, Melbourne

(+61) 03 9005 1058