Defense-Grade Penetration Testing

penetration-testing-st-louis.jpg

Full scope cybersecurity penetration testing, from Red Team engagements to testing a single IP address. As ethical hackers (penetration testers), we emulate hackers and cybercriminals by utilizing similar techniques to perform reconnaissance, identify vulnerabilities, and break into your systems.  Unlike attackers, however, we play by our agreed upon Rules of Engagement (ROE). We cease the penetration test before exposing sensitive data or doing harm to your environment. 

We offer traditional Black, White, and Gray Box Penetration Testing, as well as Web Application Penetration Testing and Social Engineering.

Black Box Penetration Testing

With Black Box Penetration Testing we only have unauthenticated access and little prior knowledge, except the IP Address or URL, about the systems in scope.

Gray Box Penetration Testing

With Gray Box Penetration Testing we test target systems as an authenticated user with user-level access. For instance, we test a portal on your website by creating an authenticated user account or using credentials that you provide.  We attempt to escalate privileges or access controlled data. The Gray Box Penetration Test ensures users cannot access sensitive data, such as another user’s information.

White Box Penetration Testing

White Box Penetration Testing is designed to assess a system or device with"administrator" or "root" level access and knowledge.  This often includes access to architecture diagrams, design documents, specifications, and source code.  White Box Penetration Testing is ideal if you develop your own products or integrate systems into your environment.

METHODOLOGY

We follow a high-level seven phase methodology designed to maximize our efficiency, minimize risk, and provide complete and accurate results. The overarching seven phases of the methodology are:

  1. Planning and Preparation
  2. Reconnaissance / Discovery
  3. Vulnerability Enumeration / Analysis
  4. Initial Exploitation
  5. Expanding Foothold / Deeper Penetration
  6. Cleanup
  7. Report Generation

BENEFITS / RETURN ON INVESTMENT (ROI)

$6.5 million is the average total cost of a data breach

$217 is the average cost per lost or stolen record
— 2015 Cost of Data Breach Study: United States (Ponemon Institute Research Report)

We think it is better to have an ethical hacker find the holes into your enterprise than an adversary.  Our Penetration Testing provides details on exploitable vulnerabilities in a prioritized, tangible manner.  Our report allows you to better understand what your environment looks like from an attacker perspective.  This helps you prioritize efforts to mitigate risk to reduce breach likelihood or damage.

Not only do our Penetration Testing Services show you what your attack surface looks like to an adversary attacker, but they can be used as a safe way to test your organization's incident response (IR) capabilities.  Our Penetration Testing services can be used to tune and test your security controls, such as your IDS, Firewall, Endpoint Security, Router ACLs, etc.

Our Penetration Testing services also help you meet compliance audit requirements such as HIPAA, PCI DSS, and FISMA.

What you get / Deliverables

You get three items:

  1. Penetration Test Report
  2. Penetration Test Report Findings Review with your team via an online WebEx session
  3. Discounted Retest Option for a rerun of the Penetration Test after you fix identified problems

1. Penetration Test Report

The Penetration Test Report includes IP addresses tested, vulnerabilities discovered, steps taken during the assessment, exploitable areas discovered, and prioritized recommendations.  For any systems we are able to exploit, an “Attack Narrative” section is used to discuss step-by-step the process we used to gain access, escalate privileges, etc.

The report sample below is used as a quick reference to focus remediation and mitigation efforts on. The findings are ranked by risk rating and include recommendations (rec), reference links for mitigation steps, and tester notes.

Penetration Test Report Top 5 Vulnerable / Exploited Systems Example

2. Penetration Test Report Findings Review

Photo by Chagin/iStock / Getty Images

We schedule either an in-person of online session with you where we walk through the report with your team and answer any questions about the findings, our methods, or the steps required for remediation. Many competitors deliver a confusing lengthy report at the end of the engagement for you to decipher. Our penetration test report review adds tremendous value because we can clarify findings and remediation steps.

3. Discounted Retest Option

How do you know the steps you took to fix our penetration test report findings actually worked? Validation removes the guesswork. When you're ready, after fixing the issues identified in the penetration test report, we offer a deep discount to rerun the same penetration test. This is a crucial and often overlooked step in this process. Validating security controls, patches, and other fix actions is extremely important. We have discovered numerous organizations that thought they fixed a finding we identified, only to discover after a retest that the finding was still there.

Interested in testing your systems to see how effective your security controls are against an attacker?

Contact Us or use the form for more information about our Penetration Testing Services or to schedule a Penetration Test.

Penetration Testing FAQs

What are the differences between White, Black, and Gray Box penetration tests?

White Box Penetration Test - a penetration test where the penetration tester has "administrator" or "root" level knowledge about and access to a system.  This often includes access to architecture diagrams, design documents, specifications, and source code.  A White Box Penetration Test is the most thorough and time consuming. White Box Penetration Test characteristics:

  • Full Access at Root or Administrator level
  • Documentation intensive
  • Most thorough penetration test
  • Most time-consuming penetration test
  • Typically used during system development or prior to deployment

Gray Box Penetration Test - a penetration test where the penetration tester has "user" level knowledge about and access to a system.  A Gray Box Penetration Test is typically used when you want to test an insider threat or an application that supports multiple users.  The insider threat is tested to see what damage a user (non-administrator) could do to your environment.  Application testing is used to test authenticated user access to ensure a user on an application cannot access another user's data or escalate privileges. Gray Box Penetration Test characteristics:

  • User-level Access
  • Limited documentation provided
  • Fairly thorough penetration test
  • Fairly time-consuming penetration test
  • Typically used to test systems with multiple users or emulate insider threat

Black Box Penetration Test - a penetration test where the penetration tester has little to no knowledge about and unauthenticated or limited access to a system. Black Box Penetration Test characteristics:

  • Unauthenticated Access
  • No documentation provided, other than target IP address or URL
  • Fairly thorough penetration test
  • Fairly time-consuming penetration test
  • Typically used to emulate an adversary with little knowledge about the target

What is the difference between a vulnerability assessment and a penetatration test?

A vulnerability assessment is less-intrusive than a penetration test.  With the vulnerability assessment, we identify vulnerabilities, but do not exploit them.  A penetration test goes beyond a vulnerability assessment by exploiting vulnerabilities and seeing how far into your environment an attacker can go by taking advantage of system or application vulnerabilities.

What happens if during the penetration test you discover we already have an infection?

This is quite common.  Any existing malware or breaches discovered during the penetration test will immediately result in a cessation of testing and be brought to the attention of the designated Point of Contact (POC). We can help with incident response, digital forensics, and malware analysis.

Is the penetration test performed remotely or onsite?

For an External Penetration Test against your internet-facing systems, we perform this service remotely.  For an Internal Penetration Test, we travel to your location and perform this service onsite.  To leverage the fact that we will be traveling to your location, we offer to bundle (at a discount) other services that require us to be onsite with the Internal Penetration Test, such as our Wireless Security Assessment and Physical Security Review.  

RELATED SERVICES