Penetration Testing.

Taking it past the surface by testing in depth.

We help make your vulnerabilities apparent and collaborate with your teams to remedy them. Our testers take it a step further by testing down to the root for weaknesses and vulnerabilities.

PHASE 1

Passive and Active
Information Gathering

The assessment begins by canvassing the attack surface of the application or software. The goal of passive recon is to use publicly available tools to gather information. Active recon leverages tools under a scope of engagement to address the attack surface.

Vulnerability
Assessment

Once the target has been canvassed, the next step is to look for the low-hanging fruit. Using our suite of tools, we readily probe for vulnerabilities and vectors of attack.

PHASE 2

Exploitation

Our security experts will then run the vulnerabilities through test cases to canvas the internal attack surface laterally. As the internal attack surface expands during testing, the client and stakeholders are informed on a cyclic basis.

Reporting

The findings of the engagement will be encapsulated in a document in order to help visualize the attack surfaces that need to be hardened or refactored. The report will consist of exploitation point of concepts, processes, remediation plans, and assessment of risk.

PHASE 3

Remediation Testing

Penetration tests are not complete until the vulnerabilities are resolved. Instead of bolting security on the surface, we build security directly into your software and applications.

Communication
at every step.

Establishing a point of contact and a communicative structure is important to us. We streamline the data in a drawn out report to help you visualize where and how to fix the vulnerabilities that were found.

Create a gauge of completion

To stay consistent with your development cycle, a roadmap will be established to meet the scope and requirements of the engagement.

Identify Point(s) of contact

Decide on who within the organization will coordinate efforts during and after testing.

Creation & Dissemination of Deliverables

Deliverables that are generated during the engagement will be communicated to the client and shareholders.