What is Penetration Testing?

A penetration test is a threat emulation exercise, where we, the pen test team emulate a particular threat to determine if your organization is vulnerable to compromise by this threat actor. The threat actors we most commonly emulate are:
  • External, or Internet-borne attackers
  • Internal attackers, or malicious insiders

Types of Penetration Testing

We specialize in conducting the following different types of testing:
  • Web application pen testing – a deep dive into all facets of the target web application, using all the available roles or privilege levels within the application
  • Network pen testing – we analyze the host operating system and services running
  • Mobile app pen testing – we test IOS and Android applications and how they communicate with the API endpoint
  • Hardware pen testing – typically a mix of analyzing the hardware, firmware, and operating system to determine if vulnerabilities exist
  • Social engineering – We can conduct a wide range of tests to determine how well your users are trained to detect suspicious activities, but we most commonly perform phish testing
  • Landline/modem testing – believe it or not, some systems are still connected to landlines and modems, which we test by dialing up

Penetration Test Business Drivers

Whether you’re testing for PCI, FISMA, NERC, cyber security insurance, we can produce high quality penetration test deliverables to meet these requirements. Or maybe you’re just curious how your organization would withstand a real-world attack and would like to test your defenses – we can do it!

Penetration Test Results

Upon conclusion of the pen test, you’ll have a high degree of confidence that your organization can withstand a cyber attack. Or, you’ll know the areas of opportunity where you can increase your security posture.