...

Free consultation about the possibilities of integrated pen testing

Free consultation about the possibilities of integrated pen testing

Dennis Slier

Project Lead Incident Response Cyber Security

About NFIR

Our society is increasingly affected by serious cyber security incidents that have major consequences for our digital infrastructure. Cyber security incidents are often focused on an organisation’s critical work processes, endangering the continuity of an organisation. As a result of changes in legislation and regulations, organisations are generally themselves responsible for the damage suffered and for repairing it. Quick and professional intervention is therefore essential and NFIR can help you with that.

Schedule an appointment directly with NFIR expert Dennis

Have the resilience of your (web) application, website, IT infrastructure, links (APIs) and mobile apps checked by a NFIR penetration test.
Penetration tests and code reviews are necessary to demonstrate the resilience and effective operation of the security. Do you want insight into the level of security of your website, (web) application or internal network? Then have a penetration test (pen test) performed by the ethical hackers of NFIR. We offer tailor-made pen tests, so that what you want to gain insight into is tested.

Frequently asked questions

  1. A vulnerability scan provides a general picture of how IT security is organised. A pen test provides a more detailed picture of current IT security. A pen test provides a more detailed picture of current IT security.
  2. A vulnerablity scan is used to find commonly known vulnerabilities. In a pen test, attention is paid to all potential weaknesses
  3. Vulnerability scanning uses automated scans to detect vulnerabilities. A pen test also makes use of automated scans and the researcher actively seeks out vulnerabilities through a dose of creativity.

Penetration test or vulnerability assessment? – Penetration test? – Contact NFIR now

Our pen testers have a large amount of experience, a lot of creativity and up-to-date expertise. The NFIR pentesters have followed relevant training courses and obtained certifications such as OSCP. In addition, they have all received chief of police approval and signed confidentiality agreements.

How long a pen test lasts strongly depends on the environment that needs to be tested and the agreements made with the client about the attack scenarios to be used.

A Black Box pentest means that no information about the environment is shared with the pen testers beforehand. With a pentest based on the White Box principle, all information about the environment is shared in advance. If you are having a pentest performed for the first time and want to get an overall picture of your security, it is useful to have a Black Box pen test performed.

A Black Box pentest is especially suitable when an environment is being pen tested for the first time and you want to get an overall picture of the security. A Grey Box Penetration Test is an intermediate form of the Black Box and White Box Penetration Test, in which the researchers have limited login details and information at their disposal. The Grey Box pentest is generally used to see how safe an environment is from the perspective of an employee or customer.

Make arrangements with each other when the information should be delivered, when the pentest will take place, what the pen test means for the daily operations within your company and when the report will be delivered. The assignment must be clear and the information required in advance must be delivered on time, or a pen test cannot begin.

The NFIR Pentest: how impenetrable is your network?

With the NFIR Pentest you can get certainty and advice about the safety of your network. NFIR for non-binding advice: 088 – 323 0205

The three main standards used by NFIR (depending on the environment to be tested) are the Penetration Execution Standard (PTES), Open Source Security Testing Methodology Manual (OSSTMM) and the Open Web Application Security Project (OWASP). The Common Vulnerability Scoring System (version 3) is used to determine the severity of a vulnerability. Furthermore, NFIR uses input from the client to apply a CIA weighting to the vulnerabilities found.

SECURITY INCIDENT BIJ UW ORGANISATIE?

De volgende 30 minuten zijn van cruciaal belang​!

De eerste 30 minuten na een cyber security incident zijn cruciaal, omdat een snelle en adequate reactie de schade kan beperken. Daarnaast kan verdere verspreiding van de aanval worden voorkomen en kan essentieel bewijsmateriaal veiliggesteld worden voor nader onderzoek.

Ons Computer Emergency Response Team (CERT) staat 24/7 klaar om bedrijven en organisaties te ondersteunen bij IT-beveiligingsincidenten.

Heeft uw bedrijf professionele hulp nodig bij een beveiligingsincident? 

* LET OP: Wij werken uitsluiten voor bedrijven en organisaties.

SECURITY INCIDENT AT YOUR ORGANIZATION?

The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because a quick and adequate response can limit the damage.
In addition, further spread of the attack can be prevented and essential evidence can be secured for further investigation.

Our Computer Emergency Response Team (CERT) is available 24/7 to support businesses and organizations during IT security incidents.

Does your company need professional help with a security incident?

* NOTE: We work exclusively for companies and organizations.