Our United States-based team of Certified, Ethical (White-Hat) Hackers was built to provide testing and knowledge that will help mitigate risk to your company becoming the next Equifax or Target. Choosing Penetration Testing Services can help you save time and money, by being proactive about cyber security. Here are some of the tests that we offer:
Black Box Penetration Testing
Our team of Certified Ethical Hackers will be given no information other than an IP or domain address. This test, with the lack of information being provided, will be the best indication of everything a non-ethical hacker would go through and see. Essentially we will be emulating the movements of a cyber attacker by utilizing the same techniques and investigation to try and gain access to as much pertinent information as possible. The difference with our test being that we will stop before exposing any data as this exercise is simply to exploit and show vulnerabilities in your Internet-facing systems.
White Box Penetration Testing
White Box Penetration Testing, almost the complete opposite of Black Box, is the idea that our team will receive extensive information about how your company's system is setup and configured. This will include architectural diagrams and pertinent information such as the versions of all component systems that are being tested. With this test, we are given a specific scope of systems to test and look for vulnerabilities that might not necessarily be externally-facing. This type of test is perfect to show what vulnerabilities a cyber-criminal, who has knowledge and access to your systems, can take advantage of from either inside or out of the company infrastructure.
Code & System Audit
Just as is the case for White Box Penetration Testing, our Code and System Audit Service needs to be completes with the knowledge of how your company's internal systems work. The idea behind this test is to take a look at the code and configuration so that problems can be identified, even if they are not yet exploitable vulnerabilities. At the culmination of the test, interviews will be conducted and a detailed report with detailed recommendations will be outlined to finish the engagement. The Code and System Audit will not only help you with finding remediation for the issues that were identified, but also detail how your technical staff should be trained in the future to eliminate repetition of mistakes.
Internal Threat Analysis
Some of the most devastating cyber attacks that companies have faced, were part of an orchestrated internal attack. These are, by far, some of the most catastrophic incidents and extremely difficult to detect and prevent. Our Internal Threat Analysis Solution is similar to our Code and System Audit, however we focus on the internal systems and make sure that we provide recommendations that will minimize your company's risk of an attack.
Compliance Audit
Throughout many organizations, auditing has taken more of prevalent role in making sure that they are aligned with certain guidelines and regulations. Some of this would include making sure that a Healthcare Facility is operating in compliance with HIPAA Rules and Regulations. Each type of compliance audit has varied requirements as far as the tools and systems that need to be in place, with some requiring special certifications and/or expertise. If your company requires a Compliance Audit, please contact us to make sure that we can support your specific compliance needs.