Vietnamese Network Security Joint Stock Company (VSEC) is the first Information Security assessment enterprise in Vietnam, providing and consulting services, solutions and high-tech products in the field of information security for domestic and foreign customers for nearly 20 years. VSEC’s services meet the needs of all organizations and businesses regardless of the deployment requirements, size or complexity of the IT infrastructure system, as well as monitoring capacity or management ability of the company.

SEE MORE

MARKETING MATERIALS

Vietnamese Network Security Joint Stock Company (VSEC) was officially established in 2009 but has already had nearly 20 years of experience in the Information Security industry.
In 2021, facing the changes in the economy due to the impact of the Covid pandemic and the trend of digital transformation in general, VSEC decided to launch a new brand identity that reflects its image and core values.

FAQ

Penetration testing, also known as “pentest,” is a method or tests to assess the security level of an organization. The tests are carried out within an acceptable range, simulating the attack scenarios of unauthorized attackers. When a security vulnerability is discovered, privilege escalation techniques will be used to gain access to confidential information, personal information, financial data, intellectual property or any other sensitive information. After performing the pentest, the experts will issue a report detailing the method of exploiting the security vulnerability and recommending patching the vulnerability. This will reduce the risk to the system.

Most of the standards in the world today require a pentest to be performed on the system. Pentest can identify vulnerabilities that accidentally appear during changes to the system’s environment such as system upgrades or reconfigurations. Pentest needs to be integrated into the software development process to prevent vulnerabilities from occurring during the development phase. From a customer’s perspective, organizations that have applied pentest measures will have a greater reputation and commitment to securely storing customers’ personal data. Pentest helps assess the security level of companies and organizations that are about to be acquired. Pentest will assist the organization to evaluate both emerging vulnerabilities or vulnerabilities that have not been publicly disclosed. It is very important to conduct the pentest right at the software development stage because it will minimize security vulnerabilities and make it much simpler to patch and restore.

Both Pentest and automated system scanning tools bring benefits to the system. Although these are different methods, they should complement each other and both should be implemented. Automated scanning tools will be low cost and effective for common vulnerabilities such as misconfiguration, missing patches and some others. However, there will be false discovery rates and they do not fully define the extent of impact when exploited. Different from automated tools, pentest, an application penetration testing specialist, will have a more comprehensive view of the system. Pentest tools are mainly tools that assist experts in gathering information or exploiting some components. Pentest will be performed by experts to analyze workflows, transactions, demonstrate privilege escalation and access to sensitive organizational information.

The time to perform pentest depends on the complexity and size of the system, including the planning, the scope of the pentest. After the pentest is done, there will be a report and discussion to patch the vulnerability. The larger the system, the more manpower and time it requires. Nevertheless, it is estimated that it will take from 4 to 6 weeks to complete a pentest process. If the system is too complex, we should divide it into several stages.

In short, when doing a scanning, the scanning system can have some minor effects on your website. However, we need to accept some of those influences to find vulnerabilities as if those vulnerabilities are discovered by hackers, it is likely that your website will be damaged much more heavily.

BE SECURED

Partners and customers can contact us directly via the following channels:

Security support: support@vsec.com.vn
Business Support: contact@vsec.com.vn
Marketing & Communication: marcom@vsec.com.vn
Hotline: 1800 2056
Headquarters:

Golden Land Building – 275 Nguyen Trai Street, Thanh Xuan District, Hanoi City

HM Tower – 412 Nguyen Thi Minh Khai Street, District 3, Ho Chi Minh City