Level 1
We have full access to all your information that is normally unavailable to external infiltrators.
Level 2
Certain information is supplied, we would assess whether unauthorised, logical access can be gained via external components by the cyber criminal who has the same access as a customer or supplier.
Level 3
The system will be “attacked’ from the infiltrators perspective, the only information gathered by an actual attacker is used.
What is High-Value Penetration Testing and Why Is It Important?
A high-value penetration test has several aspects. (SANS)
- It models the activities of real-world attackers
- to find vulnerabilities in target systems
- and exploits them under controlled circumstances
- applying technical excellence to determine and document risk and potential business impact
- in a professional, safe fashion according to a carefully designed scope and rules of engagement
- with the goal of helping an organisation prioritise its resources in improving its security stance
