Network/System PenTest
- Search all opening ports and ensure it is operation required.
- Ensure all endpoints implemented authentication and authorization control
- Identify the opening ports service applied latest version & patches
- Outdated components or known vulnerability (CVE) found in the identified service
- Disable the use of SSL 3.0, TLS 1.0 and TLS 1.1. Instead, leverage a newer version of TLS such as TLS v1.2 and v1.3.
- Correctness of the certification information and signed party
- SSL Certificate strength, at least > 2048 bits
- Not use the weak ciphers
- Any shared files or services that contain sensitive data
- Correctness of the certification information