Penetration Testing

Cybercriminals hack devices, steal personal information, send spam, run phishing scans and target bank accounts.

It’s a global problem. How do you know your business is secure?


Defence Logic offers several security testing services simulating various types of attacks.

These can be combined or undertaken separately as part of a security testing consultation process.


Network Security

Identify weaknesses in your networks before an attacker does. Our Network Security process tests your network from the inside to assess your company’s security posture. We also include an Active Directory password audit so that organisations can understand the quality of passwords in use.

Web Application

We test to assess web applications for any vulnerabilities such as SQL injection or Cross Site Scripting (XSS) in accordance with the OWASP standard.

Social Engineering

Our techniques assess an organisation’s resilience to attacks such as phishing, usb-style attacks and/or water hole attacks. These attacks seek to test the individual staff within an organisation.

Wi-Fi Security

An important aspect of any security audit project is Wi-Fi or wireless penetration testing ito assess the threat from an insecure Wi-Fi network.

IOT Security

Understand the risk, threats and challenges for IoT vendors and receive key insights on how to protect your IoT infrastructure.
Our Methodology

Identify & Prioritise







We begin every project by using a number of techniques to prioritise assets in terms of their vulnerabilities. This will chart a path to any possible exploitation vectors, which will be discussed with the client before any exploitation attempts are made if needed. If we identify any critical vulnerability that requires immediate attention, we’ll inform the organisation straight away to minimise the window of exposure.


Post exploitation, Defence Logic will use any access or privileges to attempt privilege escalation attacks penetrate your networks at the highest level possible. Detailed records will be kept charting our path including recovered data and copies of files that were changed. Our aim is to minimise disruption to any systems.


We produce a full report for your organisation which details the testing outcome and the paths taken to achieve any outcomes. Our risks are classified in accordance with the CVSS rating for any vulnerabilities found.

Every year, online attacks cost businesses invaluable time, money and their reputation.

Is your data safe? We see the threats you could miss.