Penetration Testing
Penetration Testing
Multi-faceted security testing in which we work with your IT team to probe your organization’s network infrastructure and devices and identify vulnerabilities. Our testing identifies insecure applications, network services, overly-permissive firewall rules, and other configuration settings that could allow a hacker to attempt to compromise systems and data.
Our Process
Our approach is to both find and identify vulnerabilities and attack vectors that emerge during simulated cyber-attack scenarios. We will test systems primarily on-site at your facility, working with you to emulate the appropriate conditions and environment.
Our testing team will work closely with the client Information Technology team to adapt our repository of standard test cases to safely probe the devices associated with your network infrastructure. To ensure there is no impact on your production environment, we require schematics and manuals of devices, use case details, and prior coordination to enumerate critical system dependencies.
We will focus our activities to safely stress-test the IT infrastructures, as well as the team’s ability to detect indicators of compromise during endpoint security bypass, exploitation, escalation, and lateral movement on the internal network. We will execute various testing scenarios across the cybersecurity kill chain.
Location
ESL Global Cybersecurity Institute
Our state-of-the-art Cyber Range and Training Center, located at the ESL Global Cybersecurity Institute on RIT’s campus in Rochester, NY. It is capable of hosting more than 5,000 virtual machines simultaneously in immersive scenarios, enabling Executive Incident Response Training, Threat Intelligence and Emulation Training, and more.
Within this infrastructure, we are able to introduce threat intelligence systems in scale replicas of any massive, global business, with specific focus on healthcare, energy, and finance. The Cyber Range and Training Center provides alternate reality instructional vignettes for cohorts of corporate leaders and IT security professionals to experiment and learn, facilitating research opportunities in the most critical of industries.