Penetration tests

The aim of penetration testing is to reveal any vulnerabilities of the target information system, to determine the manner of their potential misuse and to make recommendations leading to their correction. To provide a comprehensive view of the condition of the infrastructure security and the application environment which may be used, for example, as an input in the risk analysis. This is done by testing and simulating various attacks against the system, both internal and external. The aim of the penetration testing is not to solve security issues, but instead to test, evaluate the level of security and submit a summary report, both at the technical level (settings for open ports, system versions) as well as at the organisational measures level (fraud and social engineering by employees). Some of the most frequent causes of IS vulnerabilities include, but are not limited to:

Failure to comply with applicable standards (RFC, W3C, ISO)
Inconsistent configuration of equipment (unnecessary/unused network services permitted, weak encryption)
Inadequate system topology
Lack of knowledge of management / proper operation
Disorder

During the penetration test, we try to penetrate the target information system and determine (if possible) all processes and areas where such an attack could actually be carried out In principle, for example, the following methods may be used for the penetration tests:

OWASP – Open Web Application Security Project
ISO/IEC 27001 / Cyber Security Act

Contact person

Ing. Lenka Mariánková

Product Manager

Phone+420 266 104 260

Mobile+420 730 588 365

Emaillmariankova@ezu.cz

Name	Domain	Purpose	Expiry	Type
pll_language	ezu.cz	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.	1 year	HTTP
elementor	ezu.cz	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.	never	HTTP

Name	Domain	Purpose	Expiry	Type
_gcl_au	ezu.cz	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.	3 months	HTTP
_ga	ezu.cz	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.	2 years	HTTP
_gid	ezu.cz	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.	1 day	HTTP
_gat_UA-88740921-1	ezu.cz	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.	1 minute	HTTP
sid	seznam.cz	The sid cookie contains digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time.	1 month	1

Penetration tests

Contact person

Menu

Useful information