Penetration Testing

INDEPENDENT Penetration Testing



Not mixed or blended with any other substance or material. Clear, perfectly in tune.

definition by Oxford Dictionary

LGMS is a pure Penetration Testing (Pen test) service firm. Many of our clients do not see us as just "Penetration Testing" but instead as their Trusted Security Advisory. As a cyber security service consulting firm, we do not proactively sell cyber security hardware and software products. However, we may provide recommendations and assistance in procuring the required hardware and software products if such request is specifically made by our customers.

Objective, unbiased testing is a critical differentiation between LGMS and the rest.

Since we do not represent any product brands and do not proactively sell any cyber security products, the LGMS Pen Test approach is always regarded as objective and neutral. The same approach is also the main reason why our clients trust us when it comes to penetration testing and security advisory.

Objectivity Counts

Why is it essential to engage a Pen Test firm that does not proactively sell cyber security products?

It’s simple. We don’t find problems on your network so that we can sell you any security solutions. We identify vulnerabilities to help you stay ahead of malicious hackers.

Our penetration testing services reveal real vulnerabilities that matter to your environment. Ultimately LGMS will provide advisory and guidance to help your business to become more secure.

CREST Certified Pen Testing Company

FIRST Malaysian company to be certified by CREST UK in performing Specialized Pen Test

Our professional service team has carried out hundreds of security tests for clients. On the whole, our clients, including major local banks and insurance companies, multinational companies, online retailers, government agencies, and critical public bodies using the methods and tools of a potential hacker.

Pen Test Service Provider

LGMS Pen Test services focus on real cyber security and compliance problems. If our penetration testing service uncovers a vulnerability, then we drill down for more information. Consequently, we make sure we understand your business and your operational environment. So that when we find irregularities, we know whether or not they matter to you.

While it may be vaguely interesting to report that “Port 139 on James’s Laptop is open” after running automated penetration testing tools on the internal network, how does that help anyone?

Pen Test effort should not entirely be based on automated tools. LGMS methodologies will apply hybrid business plus technical modeling approach. Vulnerabilities that matter to you will get prioritized and reported.


Contact Us Now
  • Our Penetration Testing Methodologies

    Unlike the typical Pen Test approach, we do not constrain ourselves with only standard methodologies like Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and NIST.

    LGMS approach will cover business nature,business-related criticality, the level of risk tolerance of the organization, and overall industry practices.

    With more than a decade of real-life experience in incident response and computer crime investigation, you can be confident that LGMS Pen Test methodologies always exceed real-life business challenges and getting you every bit of information that matters.

  • We understand that some people just want penetration testing because a regulator is making them do it. There is nothing wrong with that. In our niche, we’ll tell you right now that the price for our Pen Test services is comfortably smack dab in the middle. But our objectivity, our analysis, our qualities are incomparable.

    All penetration testing reports are 100% meeting the compliance requirements of PCI DSS and Monetary Authority of Singapore (MAS) Technology Risk Management Guidelines, Association of Banks in Singapore (ABS) Cloud Computing Implementation Guide.

  • Over the years, LGMS specialized penetration testing has become an integral part of the change management process for many financial institutions in the region. Our Pen Test engineers regularly work together with significant financial and government institutions to ensure that their servers and network devices are secured to minimize potential risk exposure and identify vulnerabilities in a proactive manner. Our penetration test methodology has become a guiding principle for our clients in building a more secure and robust infrastructure.

For more information