Conducts penetration tests targeting server OS, applications, network services, and internet-connected IoT devices—such as access control systems, network printers, IPCAMs, wireless APs/routers, and data center environmental controls—to simulate intrusions or lateral movements. The goal is to determine if unauthorized access can be gained and if internal data is susceptible to exposure, tampering, or theft.

Penetration testing includes internal and external assessments, beginning with reconnaissance and information analysis to guide subsequent test strategies.

Testing Frequency
Includes two penetration tests (initial and retest) within six months of purchase.

Analysis Report
Delivers a detailed report within one month post-testing, documenting identified vulnerabilities and procedures (with evidence screenshots), validating results to reduce false positives/negatives, and offering remediation recommendations. Non-applicable items will be clearly noted with justifications.

Risk Management
Prior to testing, backup guidance is provided to mitigate risks of unexpected data loss or corruption. During the testing phase, any intrusive operations will be pre-approved by the client and executed only at agreed times with appropriate contingency measures and risk assessments in place.