Penetration Testing

Penetration testing services are the most comprehensive way for you to identify and mitigate risks in your cyber security.


It’s a simulated cyber-attack on your IT defences, just like a real cyber criminal would do. Penetration testing services help you to uncover and understand the weaknesses in your cyber security defences, so you have clarity on what steps to take to protect your business assets.


CyberUnlocked assists businesses and Managed Service Providers to build robust cyber security defences and protect their assets. Contact our team for a tailored programme to deep-dive into the strength of your cyber security.

What are the types of penetration testing?

There are 6 main types of penetration testing in Australia:


1. Network Penetration Testing: Protects from the most common network-based attacks, such as firewall bypass and attacks on the router, proxy server, open ports and database.Web and Mobile Application 


2. Penetration Testing: Specific to web applications, across a variety of browsers, as well as mobile applications, across both Android and iOS.


3. Client-Side Penetration Testing: Specific to client-side applications that run in the browser.


4. Wireless Penetration Testing: Secures devices connected to Wi-Fi, such as laptops, smartphones and IoT devices, as well as wireless protocols, such as Bluetooth.


5. Social Engineering Penetration Testing: Protects from hacking attacks that involve tricking users, such as phishing attacks.


6. Physical Penetration Testing: Protects physical spaces with security camera systems, passkey barriers and other security controls.

What are the stages of penetration testing?

There are 4 stages of penetration testing in Australia


1. Plan: To design a test that will uncover as many weaknesses as possible, and masquerade the abilities of the best cybercriminals.


2. Scan: Automated scans of the IT system, to uncover weaknesses.


3. Exploit: A manual step where a cyber security team exploits the weaknesses uncovered to gain unauthorised access. The goal is to enter as deep into the IT network as possible.


4. Analysis & Reporting: The team provides a report detailing its findings - including which tools cybercriminals could use to penetrate the IT system, a list of identified vulnerabilities, their level of risk, and recommendations to prevent future cyber-attacks

What are the differences between vulnerability testing and penetration testing?

Vulnerability testing and penetration testing are two types of security risk assessment frameworks.


Vulnerability scanning is an automated scan that systemically analyses the security of an IT system, looking for weaknesses.


However, a penetration test is a simulated cyber-attack, manually carried out by cyber security experts. It is a more thorough test that emulates the savvy and ingenuity of how real cybercriminals attempt to hack into IT systems.


The difference is that vulnerability testing uncovers known weaknesses to protect against, while penetration testing is more comprehensive and tailored to the cyber risks a business may face.

How do I choose a penetration test vendor?

Cyber security is an arms race between white-hat and black-hat hackers. Successful penetration testing depends on having a team who can simulate the technical competence and creativity of cybercriminals in the real world, to make sure your business stays one step ahead.


Penetration testers should have experience and expertise in the area of specialisation. As your security consultant, they should always offer manual testing, to identify any false positives that an automated scan may pick up.


They should provide detailed documentation on the scope and rules of engagement before commencing, and provide a comprehensive report with the results.

What are the types of penetration testing?



There are 6 main types of penetration testing in Australia:


  1. Network Penetration Testing: Protects from the most common network-based attacks, such as firewall bypass and attacks on the router, proxy server, open ports and database.
  2. Web and Mobile Application Penetration Testing: Specific to web applications, across a variety of browsers, as well as mobile applications, across both Android and iOS.
  3. Client-Side Penetration Testing: Specific to client-side applications that run in the browser.
  4. Wireless Penetration Testing: Secures devices connected to Wi-Fi, such as laptops, smartphones and IoT devices, as well as wireless protocols, such as Bluetooth.
  5. Social Engineering Penetration Testing: Protects from hacking attacks that involve tricking users, such as phishing attacks.
  6. Physical Penetration Testing: Protects physical spaces with security camera systems, passkey barriers and other security controls.

What are the stages of penetration testing?



There are 4 stages of penetration testing in Australia

  1. Plan: To design a test that will uncover as many weaknesses as possible, and masquerade the abilities of the best cyber criminals.
  2. Scan: Automated scans of the IT system, to uncover weaknesses.
  3. Exploit: A manual step where a cyber security team exploits the weaknesses uncovered to gain unauthorised access. The goal is to enter as deep into the IT network as possible.
  4. Analysis & Reporting: The team provides a report detailing its findings - including which tools cyber criminals could use to penetrate the IT system, a list of identified vulnerabilities, their level of risk, and recommendations to prevent future cyber-attacks.

What are the differences between vulnerability testing and penetration testing?


  • Vulnerability testing and penetration testing are two types of security risk assessment frameworks.
  • Vulnerability scanning is an automated scan that systemically analyses the security of an IT system, looking for weaknesses.
  • However, a penetration test is a simulated cyber-attack, manually carried out by cyber security experts. It is a more thorough test that emulates the savvy and ingenuity of how real cyber criminals attempt to hack into IT systems.
  • The difference is that vulnerability testing uncovers known weaknesses to protect against, while penetration testing is more comprehensive and tailored to the cyber risks a business may face.

How do I choose a penetration test vendor?


  • Cyber security is an arms race between white-hat and black-hat hackers. Successful penetration testing depends on having a team who can simulate the technical competence and creativity of cyber criminals in the real world, to make sure your business stays one step ahead.
  • Penetration testers should have experience and expertise in the area of specialisation. As your security consultant, they should always offer manual testing, to identify any false positives that an automated scan may pick up.
  • They should provide detailed documentation on the scope and rules of engagement before commencing, and provide a comprehensive report with the results.

View our other Services

Vulnerability and Risk Assessment

Governance and Compliance

Web Application & API Security

Share by: