Penetration Testing

Penetration Testing (or pen testing) puts your technology to the test by actively trying to exploit vulnerabilities. Despite growing threats and breaches each year, many organizations are in the dark about their security capabilities. Does your company know how hackers can get in?

Vulnerability scans outline the risks, and penetration tests see how your weaknesses can be exploited. For example, a scan can show that your network is vulnerable to Heartbleed, a common security bug. Your team already knows your vulnerability to Heartbleed. The next big "if" is how much damage would a Heartbleed attack cause to your network? How much sensitive information would leak?

Cryptex utilizes the same tools the hackers use, but in this case, for a good cause. To proactively fight against ongoing threats, Cryptex will manually conduct penetration tests to evaluate your security infrastructure by safely trying to exploit weaknesses. Vulnerabilities can hide in operating systems, applications, incorrect configurations, or dangerous employee behaviors.

There are automated programs to perform penetration testing, however the experts know the best tests are written from scratch specific to the network. Here is how we test all aspects of your network:

External Penetration Testing

Since the Internet is open 24/7, there is always an outside threat looming at the gates. Cryptex constantly stays current on the latest online threats so we can model them to test your network. External pen testing will attempt to access the security controls already in place.

Internal Penetration Testing

Not all threats lurk from the inky corners of the web. Some of the biggest threats to your IT structure rest within the borders. Do you know how damaging these internal blind spots could be? Internal Penetration Testing accesses the network as an admin, employee, or visitor to your building. During this type of testing we will try to get into your critical business systems from WiFi and local area networks.

Compliance

For specific industries such as healthcare, finances and legal, we provide pen testing to meet the security needs of your trade. Information from these areas are especially attractive since it can be used to steal client's identities. Our team is familiar with:

  • PCI/DSS
  • HIPPA/HITECH
  • FISMA

Cloud Penetration Testing

Your information in the cloud is constantly under attack. Since the cloud is not one single, physical server, it is an attractive way of access for hackers. With thorough reconnaissance, vulnerability assessment, and concentrated infiltration, Cryptex provides clear insight into your cloud perimeter.

Mobile App Penetration

We know how important your mobile applications are to your business. Mobile apps have unique threats against its security:

  • Continuously online and traceable
  • Focused on usability instead of security
  • More opportunities for user error

There has been a 167% increase in mobile malware since 2012. Is your business ready for these types of attacks ? To protect your information, Cryptex identifies and tests weaknesses in the specific mobile setting. Our process includes intelligence collection and threat modeling to make corrective actions.

Our tools for penetration are dynamic. We approach each client's network with a fresh set of eyes. Our IT experiences gives us insight in how hackers and malware work. Some attacks target easy opportunities while others use sophisticated designs to sneak past your defenses undetected for months.

As a premier security firm, Cryptex walks with you every step of the way during your test. Our security engineers provide complete reports detailing what data was compromised and how it was accessed so we can craft a customized defense plan. If you want to battle the persistent cycles of threats, contact us today.