Security Testing

Customized solutions to protect your business.


Secure solutions that verify and measure your level of cyber security, included among the minimum safety measures provides by the European Data Protection Regulation (GDPR).

The solutions offered by AGM Solutions are able to identify vulnerabilities, threats and risks related to cyber attacks in order to maximize the IT security of any organization.


The services to analyze the level of security are:

  • Vulnerability Assessment
  • Penetration Testing
  • Code Review



The Vulnerability Assessment service involves the execution of a mix of automated, semi-automated and manual scans and verifications in order to detect the presence of known vulnerabilities.

The Vulnerability Assessment process is conducted with technological solutions that are designed to:

  • analyze corporate networks
  • detect, recognize, classify each device connected to them
  • search for potential known vulnerabilities (outdated software, invalid certificates, bridge/non-essential services open, etc…)
  • verify the criticality associated with each individual vulnerability according to the value of the asset and the threat
  • assess the need for corrective actions
  • verify the effectiveness of the intervention performed.

This activity must be carried out through specialized activities by company security experts with advanced technical skills capable of translating the results and identifying false positives.

  • Assess system vulnerabilities



The Penetration Testing service extends the Vulnerability Assessment service: starting from vulnerabilities identified in the Vulnerability Assessment phase, attacks on systems and applications are implemented to fully exploit the vulnerabilities to obtain unauthorized access to systems.

Penetration Testing shows in detail what the consequences of an attack that exploit the vulnerabilities identified may be.

  • Prevent possible external threats.



This service provides analysis of the sources (made available by the customer) of the application of which you want to verify the level of security.

Unlike the Vulnerability Assessment and Penetration Testing activities, this analysis is not performed from outside the application, but by analyzing the source code in order to identify the degree of intrinsic security, identifying vulnerabilities linked to static passwords or failure to comply with rules and best practices in the development phases. The activity is carried out with the aid of IT tools that perform a series of surveys.


The activity is listed regardless of the size of the code to be analyzed.

  • Identify the degree of intrinsic safety.

At the end of each activity, the results are reported in two reporting levels:

  • Executive Summary
  • Technical Report

The first is addressed to management and contains the high-level summary of the main vulnerabilities identified and indications on the level of security found. The second shows the detailed indication of the vulnerabilities detected and their classification, the exploits, the indications concerning the impact and the corrective measures addressed to the IT staff, any references to external documents, etc.

Request more information for your company’s it security!