Penetration testing, also known as pen testing and ethical hacking, is a cyber-attack which is employed by our technical specialists to evaluate, probe and test a computer system, network or web application to identify any security vulnerabilities that could be exploited by cyber criminals. The cyber-attack process can be performed manually, or through the use of software applications and is designed to simulate an attack upon a system. It should be viewed as a method for gaining assurance in your organization’s vulnerability assessment and management processes, not as a primary method for identifying vulnerabilities.

AMR Digital Forensics offers penetration testing engagements to suit our client’s needs, enabling them to reinforce their cyber security policies and procedures to better protect them from future threats. Our penetration testers are trained in Network, Web and Infrastructure testing disciplines and can offer versatile engagement solutions to any testing environment.

The Payment Card Industry Data Security Standards (PCI DSS) requirements 11.3.1 and 11.3.2 state that penetration testing must be performed at least annually and after any significant changes to a merchant’s network or applications. Penetration testing can be a complex and vast subject and ensuring your penetration test meets the necessary requirements can be a challenge. AMR Digital Forensics has trained our penetration testers with the PCI-DSS requirements in mind and where required, our methodologies and approach are designed specifically with the PCI-DSS penetration test guidance in mind to ensure that when we conduct a PCI-DSS penetration test, it will meet the necessary criteria.