Security Penetration Testing
Penetration testing is one method of evaluating the security strength of a Trusted Computing Base (TCB). It is a pseudo-enemy attack by a friendly evaluation team on a computer system of interest to discover ways to breach the system's security controls, to penetrate the security perimeter of protection to obtain sensitive information, to obtain unauthorized services, or to cause damage to the system that denies service to legitimate users. It is a form of testing, which attempts to discover features, functions, and capabilities of the system that are unspecified and often unknown to its developers and users. It finds capabilities that can be exploited to breach security. These extra capabilities are "flaws" in the specifications, design, implementation, operation, or documentation of the system.
Penetration testing finds security flaws and complements security functional testing, which confirms the correct behavior of the specified security features, functions, and capabilities. The primary goal is to satisfy TCSEC requirements for assurance. Penetration testing provides independent validation of security trustworthiness of a system when performed by an impartial, competent evaluation team. Penetration testing is a useful vendor design and development tool, particularly in anticipation of product submission for evaluation per TCSEC
CygnaCom has a long history of successfully performing Security Penetration Testing.