cybback

Vulnerability Assessment and Penetration Testing



When Security loopholes are fixed InfoSec begins.

An end to end VAPT with actionable results includes people-process-technology. Trusted service providers.

>

Vulnerability Assesment And Penetration Testing Methodology.

Defining scope
Reconnaissance and enumeration
Mobile app API analysis
static and Dynamic analysis
Gaining Access-Exploitation
Privilege Escalation
Result analysis
Report generation
Mitigation proposal
Fix re-verification

What is VAPT ?

A holistic approach of penetration test not only discovers security vulnerabilities, but also finds business process and people process flaws along with security checklists based on industry standards, including CERT-In guideline, OWASP Top Ten, PCI Compliance, ISO 27001 stnadards .





  • Vulnerability assessment also known as Security audit - a process of finding vulnerabilities or security weaknesses in any system and reporting the same for resolution.

  • On the other hand, Penetration test includes actual exploitation of the vulnerabilities those are found during the phase of vulnerability assessment.

  • Rules of Engagement must be signed and understood by both parties before staring VAPT.