In recent years, the need and importance of information security has been increased. Some of the reasons for this are legislation as well as the  standard requirements and the value of wisdom of companies. Companies take a number of solutions and measures in some way for their own information security. However, some works have to be carried out to determine the degree and strength of the solutions taken. One of these is the penetration test or with the best known name the pentest service. These tests are a kind of safety practice and one of the most important elements that companies should take regularly in order to be able to see the precautions they take and the solutions they will take. These tests may be possible for scoped information systems and try to penetrate by trying every path approved by the customer.

Within the framework of the Law on the Protection of Personal Data numbered 6698, which has recently been implemented in our country, it is obligatory for the enterprises to have security tests on a regular basis and to evaluate the results and to take necessary precautions. Likewise, regular security tests are required for the ISO 27001 Information Security Management System. In addition to regular internal security tests, it is recommended to take the external security test service at least once a year.

Security Test Headings

Security testing is a service that includes a set of tests. Briefly, these tests are given below.

· Scans for weaknesses that may be present in components in the internal network
· Scanning for weaknesses that may be present in external networking components
· Penetration tests on public web applications
· Domain configuration tests
· End-user computer penetration security check
· Database Penetration Tests and Security Audit
· Security tests of software specially developed for the institution
· DNS service test
· Email service test
· Social engineering
· Intranet-only web applications leak testing
· distributed denial of service (DDoS) tests
· Virtualization systems test
· Wireless Network Security Audit
· Firewall tests
· URL and content filtering test