Skip to content Skip to footer

Loading Results

Penetration Test

Service Summary

As organizations grow both domestically and expand to overseas territories, the demand for technologically driven operations is key to driving employee and customer satisfaction through ease of connecting and communicating to conduct business activities. Organizations are now relying more on digital channels and technology including but not limited to; Websites, mobile (iOS / Android) applications, internal complex applications for CRM and ERP, cross border connectivity to share data. These innovations and expansion are applicable to foreign owned organizations operating in Japan.

The increase of becoming digital and placing greater reliance on technology may come with some risks if your digital assets are not secured and protected appropriately.

PwC’s range of Penetration testing services can simulate potential attackers to highlight potential weaknesses and vulnerabilities. Our experienced team is made up on bi-lingual cyber security experts holding industry recognised certifications such as OSCP. (Offensive Security Certified Professional). Our team has performed engagements across all industry types including but not limited to; Financial Service, Fast Moving Consumer Goods, Telecommunications and Media and manufacturing. We will be able to clearly report any security vulnerabilities to all relevant stakeholders across your organization tailoring the output to the target audience such as the technical team, business stakeholder or executive management.

Service Overview

PwC’s Penetration Testing services team can support your organisation by providing the following range of services:

Red Teaming / TLPT (Threat Lead Penetration Testing) - Our team will simulate real world scenarios and TTPs (Tools, techniques and procedures) utilized by cyber attackers. Based on your organisation our team will gather threat intelligence on potential actor groups and simulate their attacks. Our scenarios will include some of the testing types detailed below.

Web Application - We will test your public facing or internal web applications, both through the black box format (no details of the Web application is provided) or white box type (detailed understanding on the web application including source code). We will utilize industry known web application security testing standards such as OWASP Top 10. Our goal will be to gain unauthorised access and exfiltrate data.

Infrastructure / Network - Our team can perform testing on your corporate network to highlight weaknesses that may allow a malicious user unauthorized access to your digital assets. We will be able replicate scenarios to conduct this testing internally (LAN, VPN) or externally (Internet, WiFi). Our goal will be to gain unauthorised access, lateral movement and exfiltrate data.

Mobile Application - Organizations are utilizing mobile applications for iOS and Android to make their employees or customers life convenient. Our testing services provide in depth analysis of mobile application to highlight any potential weaknesses. Our goal will be to gain unauthorised access and exfiltrate data.

OT (Operational Technology) / ICS (Industrial Control Systems) Testing - Our team will identify weaknesses in your OT / ICS environment through known, tried and tested tools and techniques. Our team has experience and knows how to test these critical environments whilst minimising disruptions to your operations. Our goal will be to gain unauthorised access, lateral movement and potential ability to cause disruption.

IoT Hardware Hacking - IoT hardware is being utilized by organizations internally to simplify business operations or is being developed for consumers. Our team has a purpose built IoT hardware hacking lab with the latest technology to test these devices. We can conduct destructive and nondestructive testing on your IoT devices to highlight any weaknesses. Our goal will be to leverage IoT hardware devices to gain unauthorised access, potential ability to cause disruption or any safety issues.

PwC rated as a Leader in Cybersecurity Consulting Services Providers in Asia Pacific

PwC announced that it was cited as a Leader in The Forrester Wave™: Asia Pacific Cybersecurity Consulting Providers Q4 2019.

Forrester notes that: “Innovation, vision, and the ability to engage executives are key differentiators.”

Find out more