Penetration Testing & Ethical Hacking

Don’t be an Easy Target

Let us ensure the security of your system.

 

 

PENETRATION TESTING

 

A penetration test (“ethical hacking”) is often used to determine not only the feasibility of an attack but also the extent to which the organization could be impacted if an attack is successful.  This test is conducted by mimicking how an attacker could exploit security weaknesses across multiple systems within the organization.  

 

A penetration test is the only guaranteed way to understand the devastation an organization could face should they fall victim to a cyber attack.  A penetration test goes beyond identifying individual vulnerabilities.  Instead it explores the effects of a real-world attack that capitalizes on linking those vulnerabilities, which often results in a catastrophic compromise.

 

Without the knowledge a penetration test provides, an organization cannot fully realize the risk posed to their systems and data.

 

 

OUR PENETRATION TESTS

 

 

External Pentest

An external penetration test is often requested by organizations that have a public facing internet presence (for example: web applications, VPNs, mail and file transfer services, etc.).  Often a successful external attack can result in an open door into the rest of your network.  Our engineers can fully test your external systems and perimeter security devices, leaving you to rest assured that the front door to your organization is not left wide open.

 

 

Internal Pentest

An internal penetration test is more comprehensive than an external penetration test in that the entirety of the organization’s network is tested, not just the perimeter.  While strong external security is paramount, savvy attackers have found ways to circumvent the firewall and other border protection devices.  Often they do so through client-side attacks, such as enticing users to click a link, open an infected document, and/or leading them to the attacker’s malicious website. Organizations must develop strong layers of internal security to prevent these attacks.

 

The unfortunate reality is your users will sooner or later be compromised.  If an attacker gets into your system, how far can they get before you’re aware of their presence?  With an internal penetration test, our engineers can fully vette your organization’s risk.  Our team can provide you with the necessary information about the effects an attack could have on your organization.

 

 

Application Pentest

In today’s technical environment, many organizations rely on, and some even develop, web applications to perform essential business functions.  Web applications that are accessible from the internet can expect to be regularly attacked.  They are frequently targeted because of their availability and the valuable information they often contain.  “Bots” (also known as web robots) constantly probe the internet for web application weaknesses to determine if there is an opportunity for an attack. 

 

A web application penetration test can provide a thorough review of the risks to a web application and, consequently, to your organization’s data.  In addition to testing for common vulnerabilities such as injection and cross-site scripting, our engineers use a hands-on approach to ensure the business logic of the web application is fully tested for errors.  Current tools cannot adequately capture these errors to the same extent that our approach does.