About This Service
Can A Determined Attacker Gain Access to the Critical Assets You Cannot Afford to Have Compromised?
Overview
Convinced that each organization’s environment and needs are unique, I offer custom-tailored penetration testing services. A penetration test involves the use of a variety of manual and automated techniques to simulate an attack on an organization’s information security arrangements. A penetration test can give you knowledge of nearly all of your technical security weaknesses and provide you with the information and support required to remove or reduce those vulnerabilities.
Approach
Assessments can be performed black box (starting the assessment with zero knowledge of the environment) or white box (starting with knowledge of the environment).
The assessments are performed according to the Penetration Testing Execution Standard (PTES) and consist of 7 main steps:
-
- • Pre-engagement Interactions
- • Intelligence Gathering
- • Threat Modeling
- • Vulnerability Analysis
- • Exploitation
- • Post Exploitation Reporting
-
Deliverables
- • Summary for executive and senior-level management
- • Technical details that include enough information to recreate the findings
- • Fact-based risk analysis to confirm a critical finding is relevant to the targeted environment
- • Tactical recommendations for immediate improvement
- • Strategic recommendations for longer-term improvement