Penetration Testing Methodology

Kenya Industrial & Allied Safety Services Security Program Maturity Testing does more than just help our customers identify their security deficiencies, it assists in driving to the root cause to eliminate persistent blind spots. Our process combines our world-class penetration testing methodology with our team's expert approach. These combined processes allow your organization and security posture to be assessed from the perspective of an attacker, so that recommendations can be provided with the appropriate programs and controls aimed to defend against that same attacker mindset. Methodology:

Penetration Testing

After an unobtrusive Internet investigation of your public–facing presence and information, we will paint a picture of what your perimeter looks like to the outside world. This is followed by a more aggressive manual testing, aimed at analyzing and gathering data to build and execute a hacker–minded attack plan.

Our penetration testing process also includes password cracking mechanisms and application vulnerability validation.

Strategic Services

To supplement the efforts put into penetration testing, our Strategic Services team will then analyze all findings, assess the security program through in–depth interviews and documentation review, and identify key critical security control areas that need to be adjusted. This phase closes the loop and takes the process from symptom identification to root–cause analysis and process planning for mitigation.


Kenya Industrial & Allied Safety Services will provide your team with actionable reports that include tactical next steps to fix the immediate issues and strategic guidance on remedying the source of those issues. In addition, Kenya Industrial & Allied Safety Services will perform a debrief to project constituency and summarize the findings of both the penetration test and the strategic root cause analysis.


Security Program Maturity Testing provides a holistic view of your environment from both the perspective of the attacker as well as the informed approach of our consultants. Deliverables include detailed penetration test results along with actionable tactical and strategic recommendations to remediate discovered findings.