This service helps you to identify weaknesses in the systems either through technical system vulnerabilities or through the failure of controls. The diagram illustrate the location of the technology typically found on a vessel, where the testing is conducted.
Outlined below is the security testing methodologies built upon good practices from organisations such as Open Web Application Security Project (OWASP) and Council for Registered Ethical Security Testers (CREST) that are deployed to seek where the vessels are vulnerable.
Whilst it is important to identify technical vulnerabilities and to remediate them, the most valuable learning comes from identifying the process’ weaknesses which allowed the vulnerabilities to arise. Deep root cause analysis, standard in the testing conducted, gives a holistic understanding of the root cause of issues, allowing the implementation of solutions and embedding of robust controls throughout the work environment. This results in an improved control environment, reducing the likelihood of future vulnerabilities arising.