|TÜV Rheinland Security Advisory NotPetya||226 KB||Download|
By exploiting vulnerabilities in computer networks, IT systems, applications or mobile devices, criminal hackers can penetrate organizations and manipulate or steal sensitive business and customer data. No company is too small or insignificant for an attack, and many companies have already been compromised. Do you know the vulnerabilities of your systems and applications that can be exploited by an attacker?
Anticipate hackers - with a simulated and targeted cyber-attack
We analyze your IT infrastructure through a hacker’s point of view. Our experts simulate a realistic cyber-attack and detect vulnerabilities in your infrastructure before attackers can exploit them. We will inform you if and how vulnerable your IT infrastructure is and what consequences this may have for your business. In addition, we recommend remediation steps to enable you to better protect your organization including your customer data and your intellectual property.
With a penetration test or an IT security analysis by TÜV Rheinland, you receive:
Our experts welcome your questions and are available for further information about our penetration tests and IT security analysis. Contact us!
1. Gathering information
Together with you, we plan the analysis and define the type, method and scope.
2. Identification of security gaps
During the analysis phase, we identify potential weaknesses in your computer networks, IT systems, mobile devices and applications.
3. Exploiting vulnerabilities
In coordination with you, we try to access your computer networks, IT systems, mobile devices and applications either as an external attacker over the Internet or as an internal attacker via your intranet.
We document and classify the identified security gaps in a TÜV Rheinland test report, detailed for the IT department and understandable for management. Thereby, we illustrate what damage an attacker can cause in your company. Moreover, we develop appropriate corrective measures together with you. Upon request, we will explain the report and present the results to your management in a workshop.
5. Corrective measures
In order to permanently close the identified vulnerabilities, we recommend suitable corrective measures or discuss with you the existing, planned next steps. If required, we also support your experts to further increase the IT security within your organization with the implementation of concrete measures.
We perform external and internal IT security analysis and penetration tests in all relevant areas of IT within an organization.
Please find below our modules and testing scopes:
Unauthorized data access and manipulation
Web applications, e.g., web shops or customer portals, accessible via the Internet or intranet
Rich/Fat Clients and Other Applications
In the area of cyber-security, more than 270 experts work at TÜV Rheinland worldwide – of those, 20 security analysts in Germany perform more than 250 penetration testing and security analyses annually – and that number is increasing. We are proficient in the development and implementation of current attack scenarios against IT systems, computer networks and web applications through to mobile applications and wireless networks.
In addition, we have extensive expertise in:
We have performed penetration tests and security analyses in a wide range of industries, from auto manufacturers to retail to financial services. Our clients include small businesses with 50 employees, as well as large companies with 250,000 employees.