Enginsight Security Audit is a professional penetration testing and security assessment service that evaluates the security posture of an organization's IT infrastructure using the Enginsight platform combined with expert security knowledge. The service performs vulnerability analysis from three distinct perspectives: - Black-Box: External analysis of web applications without prior knowledge - Grey-Box: External analysis simulating an authenticated or non-authenticated attacker targeting IP-addressed assets (servers, clients, websites, routers, Active Directory, IoT devices) - White-Box: Internal analysis directly on Windows or Linux servers and clients, including countermeasure recommendations Key areas of assessment include: - Data discovery and information leakage detection, including hidden files, database dumps, and password files - Misconfiguration identification and insider attack simulation - Active Directory scanning for exposed information without authentication - Intrusion detection via a host-based IDS (HIDS) monitoring endpoints for anomalies and insider threats - Lateral movement entry point identification - Communication trustworthiness verification and identity theft protection analysis Upon completion, findings are compiled into a structured report with identified vulnerabilities and actionable recommendations. The service supports compliance with standards such as ISO 27001, TISAX, B3S, BAIT, and VAIT.