What is penetration testing?

Penetration testing (aka "ethical hacking") is a set of actions, performed by Certified Ethical Hackers from EASI, that will replicate malicious behaviors in order to check that your IT infrastructure or the defined scope is correctly protected and configured.

EASI Penetration Test

The penetration test can be based on the "white box" or "black box" principles:

White box

White box means that EASI gets as much information as possible about the network beforehand.

Black box

Black box means that EASI starts from scratch and performs more reconnaissance actions before starting the actual pentest.

What do we do during a penetration test?

Here is a non-exhaustive list of actions that can be performed during a penetration test:

  • Vulnerability scanning
  • Vulnerability exploitation
  • SQL injection, XSS manipulation, URL manipulations...
  • Fuzzing
  • Social engineering
  • Phishing
  • Use of evasion techniques
  • Password cracking/ brute forcing
  • Spoofing
  • ...
Penetration test options

Penetration test report

A detailed report will be provided after the test. This report contains the flaws we were able to exploit / "circumvent". You will also be able to check the weaknesses against their exploitation status and recommendations with the solutions on how to fix them. 

Last but not least, EASI also aims at pointing out weaknesses that we were not able to exploit during the penetration tests, but where unauthorized access may be gained over time. This is important as the timing of our test is limited, but malicious hackers have all the time in the world!

We are already helping them

speos Belgium
Ter Molst
Motor-Parts
mainsys-group.jpg
Médecins Sans Frontières
Iris Cleaning Services
Gemeentebestuur Sint-Jans-Molenbeek
TCM

Want to know more about our Penetration Testing services?

Recent articles

EASI
Bernd Vanden Bempt
Bernd Vanden Bempt
05/03/2021
At EASI, we are always looking for ways to improve our services for our customers. With this in mind, we are proud to announce a new partnership with HelpSystems. 
Security
Rudi van Helvoirt
Rudi van Helvoirt
10/02/2021
The new Object Connect TCP/IP server currently has the option to operate with or without encryption, but IBM's message is clear. Encryption is the future.
Security
Dirk Slechten
Dirk Slechten
02/02/2021
A prediction for 2021 is that every 11 seconds a company is attacked by a malicious cryptolocker. Alongside the covid-pandemic, we're also facing another type of pandemic and this one is called Ransomware.