IT Infrastructure Testing

IT Infrastructure Testing

IT infrastructure testing

If you operate your own servers and network infrastructure, we recommend periodic security verification. Leaks of employee or customer data or your corporate know-how can have a severe impact on your business and reputation. In addition to testing, we also offer consulting and security monitoring services.

Internal infrastructure testing

By means of a penetration testing security audit we will unveil any security vulnerabilities in your network. The audit simulates an attack from inside your network environment undertaken by an employee with ordinary user permissions and not further acquainted with the internal infrastructure or running applications.

External infrastructure testing

By means of a penetration testing security audit we will unveil any security vulnerabilities in your network. The audit simulates an attack from outside your network and uses a “black box” approach starting with no knowledge of the architecture, available systems, and applications, and without any user permissions.

Industrial solutions penetration testing

Citadelo has rich experience in the field of industrial control systems (ICS), also known as SCADA. Penetration testing helps to unveil vulnerabilities in control systems, thus protecting your know-how and guarding manufacturing processes against costly downtime.

PCI DSS (Payment Card Industry - Data Security Standard)

Companies processing payment card transactions should regularly test that their systems meet the requirements of the current PCI DSS standard. Citadelo has carried out dozens of these tests. And we would be happy to help you secure this sensitive client data.

Internet of Things (IoT) testing

In addition to traditional IT infrastructure, we also work with devices and web services in the “Internet of Things” category. Today, IoT and smart devices are installed in homes, corporations and industrial settings, however the security risks connected with them are severely underappreciated.

Social engineering

Testing security measures through social engineering is an even more popular test which makes use of various manipulative techniques to gain access to a facility or to computing infrastructure. Typical scenarios including sending phishing emails, planting malware on removable media, or attempting to obtain sensitive data via a telephone conversation.

VMware Infrastructure testing

Creating and managing virtual infrastructure today is really fast and easy. With all the Vmware technology it sometimes feels so simple, almost like a videogame. But at this level of abstraction, the network itself feels distant, and security issues that you would easy identify on a physical network may get overlooked. And then there is the management software itself and it's issues as you can see in this [CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3956) found by our pentesters. Do not underestimate the security of your network, just because it is virtual, because the impact is real.

Windows Infrastructure testing

When it comes to a windows domain, every domain admin will agree that it comes with a lot of simplification to make their life easier but with many perils as well. Because being and domain admin and holding the keys to the entire network is no easy task. Exploiting an Active Director, becomming domain admin, is the main goal of every hacker in a windows admin. Let our hackers show you how it's done.

Linux Infrastructure testing

Testing security measures through social engineering is an even more popular test which makes use of various manipulative techniques to gain access to a facility or to computing infrastructure. Typical scenarios including sending phishing emails, planting malware on removable media, or attempting to obtain sensitive data via a telephone conversation.

How can I help you?
How can I help you?
Tomáš Horváth
I’m ready to help.