Penetration Testing

OVERVIEW

What is a Penetration Test?

Otherwise known as “ethical hacking” or “white hat attacks”, penetration testing identifies any area of risk that could impact the confidentiality, integrity, and availability of your sensitive information—before it gets attacked for real. We can then proactively address those vulnerabilities, so you can protect your business from potential problems.

In many cases, a pen test is part of compliance with PCI, HIPAA, and other regulatory frameworks. In addition to probing general network and server vulnerabilities, we can access specific IT targets, flags, such as firewalls, wireless networks, and web applications, or areas and assets containing sensitive data.

PROCESS

How Do We Do It?

Our industry-leading penetration tests are standards-based and incredibly comprehensive. In fact, our partners wrote the manual on it.

We factor in the fundamentals from the Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), and the Open Web Application Security Project (OWASP) Penetration Testing Guide.

From there, we provide a custom remediation plan and can even help you execute it. Because why plan if you’re not going to execute?

CUSTOM FIT

Tailored to Your Business

Everything we do is specifically tailored to your organization’s security and compliance needs.

Our penetration tests can include multiple locations and perspectives or be limited to just one perspective and a single location. They can also include social engineering exercises, web applications assessments, and a review of your key firewall rules base and configuration.

Components:

Passive Reconnaissance

Vulnerability Assessment

Penetration Testing

Web Applications Assessment

Mobile Application Assessment

Social Engineering (Phishing, Baiting, Pretexting)

Physical Security Review

Firewall and Router Configuration Review

Wireless Security Assessment