Penetration Testing IT Security Knowledge Share Evening

The Penetration Testing team at 7Safe were delighted to welcome guests from a wide variety of organisations to our IT Security Knowledge Share Evening in the city of London on 14 October. Ian Glover, President of CREST (Council of Registered Ethical Security Testers), addressed the audience, explaining the necessity of high standards of competency within the pen testing community and, importantly, how CREST is driving standards globally.

Highly informative demonstrations were presented by 7Safe’s Penetration Testing and Security Investigations and Assessments teams during the evening. These were designed to share some of the latest exploits and security incidents seen within organisations.

See detailed descriptions and videos below.

Ryan Jones, Daniel Compton, Aleksander Gorkowienko: 7Safe Information Security Consultants

Cross-Site Scripting Explained

In his demonstration, Information Security Consultant Aleksander Gorkowienko showed the audience a real-life exploitation scenario for an XSS flaw, one of the vulnerabilities most frequently found during everyday penetration testing. The live demo illustrated how an attacker may exploit a Persistent Cross-Site Scripting flaw, steal a user’s cookie, then take over the user’s session and access sensitive information (e.g. bank statements).

Real World Penetration Testing

Daniel Compton, Information Security Consultant at 7Safe, took the audience through a demonstration of common risks that he sees whilst carrying out penetration tests for clients. This covered two main areas: “client side attacks” and “pivot attacks”. The demonstrations were all based on fully patched Windows operating systems with anti-virus protection, firewall protection and the latest patches for 3rd party products. Once the client victim computer was exploited from the Internet, Daniel demonstrated how it was possible to pivot and dive deep into the internal corporate network, extracting passwords and credit card data. You can watch the video demonstration below.

Security Assessments: Common Weaknesses

7Safe’s Senior Security Investigations & Assessments consultant, Ryan Jones, delivered a presentation outlining two basic security issues which have been found on a large number of Security Assessments. His presentation encouraged attendees to tackle these problems themselves, as they can be solved in simple procedural ways: “If you have a Security Assessment, give the consultants a challenge, don’t fall foul of these simple issues.”

Download Security Assessment PDF
