Pen testing at The S-Unit

 

With increasing digitalisation and European legislation, cybersecurity is becoming increasingly important. Companies are constantly facing complex cyber threats and challenges. At The S-Unit, we understand this complexity and offer a unique approach to penetration testing, also known as pen testing. These tests focus on protecting your business and strengthening it against the rapid changes in the cyber landscape. Find out in this blog why The S-Unit is the partner for your cyber security needs and how we stand out in the market.

 

What is a pen test?

A pen test is a proactive security measure to detect and plug vulnerabilities in computer systems, networks or applications. Performed by ethical hackers, its primary purpose is to identify potential vulnerabilities before malicious hackers can do so. By simulating attacks, organisations can improve their security levels and minimise risks. At The S-Unit, we take various approaches, such as black box, grey box and white box testing, depending on the desired depth and available information.

 

Custom pen testing

At The S-Unit, we don't use automated testing methods like many of our competitors. Instead, we take a manual approach. That way, we can creatively detect complex vulnerabilities and logical flaws that automated tools sometimes miss. Manual test execution also allows us to develop specific attack scenarios tailored precisely to your environment, allowing us to tailor cybersecurity improvements.

 

Targeted scoping

We understand that every company is unique and has specific security needs. This is why every pen testing project with us starts with a scoping session. During this session, we discuss what needs testing and which research questions needs answers. Depending on the needs, we can take different approaches. For example, if you want a black pentest, we only need basic information to determine the test size. However, if malicious users pose the most significant risk to your organisation, we can conduct grey box tests with login credentials and additional documentation. We can also run white-box tests to gain complete insight into source code or server setup. This way, we can create a tailor-made proposal that perfectly matches your company's size, complexity and specific risks. You only pay for what you need, ensuring cost-effectiveness without compromising cybersecurity quality.

 

Thorough preparation

At The S-Unit, we carefully prepare the start of each pen test with a detailed briefing. During this session, we briefly discuss the scope again, share any requirements such as login details, and establish escalation contacts and other arrangements. This thorough preparation ensures that our tests are accurate, effective, and aligned with your research questions and expectations. Moreover, our dedicated hackers invest time exploring new technologies, so we are always optimally prepared.

 

Quality report

For years, The S-Unit has been known in the market for its high-quality quality reports. Within five days of the last day of testing, a report is send via a secure environment. Our reports, designed to be understandable for technical teams and accessible to less technical stakeholders, such as management or the board of directors. This way, everyone in your organisation can be involved in strengthening cyber resilience. By default, the report includes a management summary, the classified findings and mitigation advice. We also customise reports, from standard reports to reports that need to meet requirements such as a CVISS score, DIGID and other specific industry standards.

Wondering what our sample report looks like? Then get in touch!

 

Your cybersecurity from A to Z

In addition to the core points of our approach, The S-Unit offers a wide range of pen tests to secure your entire cybersecurity:

• External Infra: We investigate how an attacker can access your network from the internet.
• Internal Networks: During this testing, The S-Unit will perform a penetration test on the internal environment from inside, on-site.
• Applications/websites: In-depth testing of individual applications and websites, including web applications, to identify vulnerabilities in code, frameworks and configurations.
• Mendix applications: In-depth testing of specific Mendix applications.
• Mobile apps: Testing mobile IOS and Android applications.
• Virtual Desktops: Testing virtual desktops
• Wi-Fi:During this test, The S-Unit performs a pen test on the security of wireless networks.
• IoT: During an IoT pen test, The S-Unit subjects the device to a pen test after carefully mapping the inside and outside of the device.
• Offensive as a Service: Pentest work that recurs regularly, every six months, quarterly, or monthly. The scope of the test is then determined shortly beforehand.
• Cloud configuration reviews: During this type of testing, we check the security measures in the Cloud, such as Azure or AWS.
• Unknown: Addressing specific issues where you want a hacker's eye to be cast.

 

Why The S-Unit?

We strive for customisation and a thorough understanding of your business's unique challenges. Moreover, we offer more than standard pen testing; our services include advanced ethical hacking services such as Red Teaming and training people in our own S-University, allowing us to offer diverse services. This comprehensive approach enables us to deliver real added value.

By choosing The S-Unit, you are investing in a partner that treats cybersecurity as a technical challenge and approaches it with a personal touch and in-depth knowledge of the technologies essential to your business. The S-Unit is your ally in building a robust security infrastructure, Your Security Companion.