Comsec will execute an external penetration test of the online system, which simulates an uncertified access attempt from outside the organization, and includes the following elements:
a. Collecting information regarding the components of the system.
b. Using penetration tools in order to locate breaches, risks, vulnerabilities and exposures.
c. Using computerized penetration tools to find the recently published breaches.
d. Using sniffers to intercept communication over the Internet.
e. Testing possibilities for distortion (denial of service, vandals, etc.)
f. Exploiting the breaches that were found for extracting data from the company.
g. Testing the info security level of the system including database and web servers.
h. Performing vulnerability and probability tests, according to the findings.
i. Preparing a report that includes recommendations for implementation of suitable info security solutions.