After more than a decade in the space, we have found a methodlogy that we are excited to demostrate. What hacker doesn't want to show off?
Web App Approach
Manual and automated testing for XSS, SQLi, WAF Bypass, CSRF, Local and Remote Code Execution.
Manual and automated testing for Server Misconfiguration, Cloud Network Misconfiguration, Unauthenticated network scans, Authenticated network scans, Static and Dynamic Code scanning, Dependency scanning and Threat Modeling.
Time is critical! Especially when attackers are already enumerating your systems for holes. We take this into account on every engagement and work hard to get you a report you can take action on quickly.
Remote Network Approach
From multiple networks we perform WAN attacks along with External Port Scanning and External Host Identification and Exploitation. *Network size: cost changes based on sizee
From within your perimeter we test LAN attacks, all of the potential SaaS trust boundaries. Once on the network we test the level of hardening, finding printer misconfigurations and VLAN Hopping are our favorites. *Network size: cost changes based on size
Having direct control of your testers and what they focus on is very important, especially if you don't have a in-house team. We can fill that staffing gap for you and grow out that part of your business.
Our engineers are among those that are finding the 0day bugs and developing exploits as PoC for various vendors and platforms. This allows us to take the measures needed to get the holes found and a plan put together to get them patched before a real APT leverages them.
Defend and Detect
With our detailed report you can define a Incident Response plan and define signatures for Threat Hunting.