Penetration Testing Services
Our Penetration Testing Services are provided to test your Company's Cybersecurity strength. We identify your Company's weaknesses and fix them. This is to make sure a malicious attacker doesn't identify those weaknesses and take your business.
RED TEAM ENGAGEMENT
So this is where we put on our "black hat" and take on the role of a malicious attacker. Since we are taking on this role there are some main points of these engagements:
Usually on 2 or 3 people in the Company know we are conducting the engagement - this is to keep the secrecy that the malicious attackers would take to gain access
In these engagements, we are testing the capabilities of the people in an organization as well as the networks
Each attack is crafted for the specific engagement that best represents what threats would be aimed at your company.
Internal Network Penetration Testing
Here we conduct vulnerability scans, port scans, and testing on all internal network computers, devices, networking equipment, databases, VOIP, etc. This is customized to each individual company. We also offer the option of mapping out your entire network with this testing service for you to keep on hand.
External Penetration Testing
This is where we conduct a vulnerability scan of your company’s public-facing (customer-facing) systems, manually verify issues and exploit any issues we find. Customer facing systems are software or devices that your customer could possibly interact with that you provide. We test these systems for weaknesses.
Pivoting / Assumed Compromised Testing
With Pivoting, we start as the least privileged user in your organization and attempt to gain access to other systems, identify sensitive data, raise our privileges on your network and pivot to other areas of the network using the local system and the credentials given by your organization. This is done through through phishing email campaign or the imitation of an employee or contractor.
This helps your company to understand what can happen and how you can raise your internal security.
This testing shows the activities an attacker or malicious insider might perform.
Detection & Control of Data Testing
This is the testing of your IT department and all of your departments collectively. Here we assess your organizations ability to block incoming malware that is sent via phishing email and prevent the leaking of sensitive data. This will show how well your organization detects and alerts on malware and controls that data needing to be protected.
Web Application Testing
With Web Application testing we perform in-depth assessments on all web applications your company may use. We will discover any vulnerabilities brought by programming issues, weak configuration, or faulty theories about the behavior of the user. We utilize AI and manual inspection to run this testing.
Mobile Application Testing
We all use mobile applications in our businesses. With this testing we focus on assessing mobile applications your employees use for business and what vulnerabilities those apps may have within. We also investigate what these applications are sending to your servers within your network.
With this testing we attempt to find the rogue access points, map your organization's wireless footprint and assess your wireless systems' overall security.