Network/System PenTest

Available Service

  • Search all opening ports and ensure it is operation required.

  • Ensure all endpoints implemented authentication and authorization control

  • Identify the opening ports service applied latest version & patches

  • Outdated components or known vulnerability (CVE) found in the identified service

Certification Setting

  • Disable the use of SSL 3.0, TLS 1.0 and TLS 1.1. Instead, leverage a newer version of TLS such as TLS v1.2 and v1.3.

  • Correctness of the certification information and signed party

  • SSL Certificate strength, at least > 2048 bits

  • Not use the weak ciphers

Sensitive Data Exposure

  • Any shared files or services that contain sensitive data

  • Correctness of the certification information

Last updated