If your support issue requires immediate assistance, please call our office. Email and web form submissions are reviewed during business hours only.
In this phase, we perform open-source intelligence gathering focused on identifying the client’s public presence. This will help us identify targets for the assessment, potential threats, and leaked data.
In this phase, we use port and service scanning, OS fingerprinting, and leveraging the results of vulnerability scans to enumerate the attack surface area and openings. This will help us identify open ports, protocols, and services passing traffic in and out of the environment; we then fingerprint and catalog versioning information on all protocols and services available, as well as present vulnerabilities detected.
In this phase, an attack plan is formed using data gathered in previous phases. The attack plan will consist of probing vulnerabilities, singular and chained sequence attacks, and custom attacks prepared by testers. The focus of the attack plan is to gain access to systems and data. Once initial access is gained, the goal shifts to escalating privileges to make the attack more pervasive and gain access to sensitive assets and information.
In the last active phase of the PenTest, password cracking and strength testing is included, using username and potential authentication details gathered during previous phases, with a goal of obtaining access to services and devices that are not available through a configuration error or vulnerability exploitation.
Within a few days, we will submit a report that compiles the result of the penetration testing, including:
A security expert will also be available for a one-hour conference call to discuss the findings.
A Pentest Assessment can focus on any assets you select, including:
Our security experts are proficient with dozens of cutting-edge security tools, including: