Penetration and General Testing
In ICT, it pays for you to find the problems before someone else does.
We undertake security testing and code reviews for a broad range of clients from Government, Defence and Industry sectors. As one of the few Australian CREST accredited organisations, Saltbush is a leader in using best practice ethical hacking to protect our clients’ valuable systems.
We offer our clients an orderly approach to security testing based on open methodologies. Network infrastructure security testing is based on the Open Source Security Testing Methodology Manual (OSSTMM), while web services and application security testing is based on the Open Web Application Security Project (OWASP) Testing Guide.
By using Saltbush, you’ll benefit from a methodology that systematically tests the security of web based information systems and underlying infrastructures and applications to expose vulnerabilities. We identify and document vulnerabilities and exposures, and then manually eliminate false positives and negatives. Our testing is:
- Methodical and repeatable – What was tested last time was tested this time, and will be next time.
- Thorough – All test cases are applied.
- Peer reviewed – Testing reflects the contributions from leading security testers around the globe.
- Open – Open methodologies don’t lock clients into vendor centric arrangements. This allows skills to be transitioned and the process can be performance managed.
Supporting all of our services is an internal ISO 9001 Quality Management system that ensures that we deliver the highest quality of services to get the results you need.