Penetration Testing

Often termed as “ethical hacking,” is a service provided to ensure that even the bad guys can’t get to your systems.

Vulnerability assessments should be an integral part of a mature, proactive security program. Organizational changes – such as the implementation of a new system or update of an existing application – often introduce new vulnerabilities into organization. Periodic vulnerability testing can ensure you always have visibility into the security threats facing your organization. It is also a required component of common compliance mandates.


Areas of Assessment


Our team assesses the culture, organization, policies, and procedures that provide for IT management and control across five key areas: alignment of IT strategy and business/operational requirements, resource management, value delivery, risk management, and performance measurement.


Using industry benchmarks, we assess the IT department and the suitability of staffing levels, skills, and the balance of workforce to workload by IT tier. In addition, we can evaluate IT training programs, IT management structure, and compensation levels to ensure your organization is achieving maximum efficiency, employee satisfaction, and employee retention.


Our practitioners assess all aspects of IT security, including development standards, data security, configuration management, threat and vulnerability management, incident response, security awareness training, data classifications, and vendor due diligence.


We perform a critical analysis of key applications to determine the effectiveness, business value, lifespan, reliability, and end user satisfaction of each application. During the analysis, we categorize each application into four categories: tolerate, invest, migrate, or eliminate.


Our team evaluates the security and suitability of all elements of your internal IT environment, including the architecture and configurations of firewalls, servers and databases, wireless networks, and bring-your-own-device policies.


Vulnerability Assessment Methodology

Missing security service packs

Buffer and heap overflows

Local and remotely exploitable vulnerabilities

Conditions leading to denial of service attacks

Backdoors and trojans

Default accounts

The presence of rootkits or network hacking tools

Firmware vulnerabilities for networked devices