Penetration Testing

Is your organization’s perimeter secure? Most organizations believe their perimeters are secure but do not take the steps necessary to validate this belief. A perimeter penetration test is a crucial activity that will confirm whether your organization is in fact protecting itself from Internet-based threats. Furthermore, many organizations are faced with regulatory and compliance pressures such as PCI DSS, SOX, HIPAA, and GLBA requirements to perform perimeter penetration tests annually.

A perimeter penetration test requires a large amount of knowledge about software vulnerabilities and network assessment tools. Tevora, a certified PCI Qualified Security Assessor company, offers a comprehensive and thorough perimeter penetration test for organizations of any size. Our skilled consultants have a vast array of knowledge of both zero-day and legacy vulnerabilities and hold industry leading certifications including CISSP, CEH and PCI QSA. We utilize a compilation of commercial, open source and proprietary tools in our testing to ensure you are provided a complete assessment.

Our methodology is risk based and completely frictionless to your organization. We incorporate multiple industry standards into our assessment methodology including NIST 800, ISO 27002 and OSSTMM. Included in your final report are both details about the activities performed as well as remediation recommendations designed to reduce your organizations risk with regard to identified issues.

The entire assessment is comprised of several phases including:

• Public information collection
• Active host identification
• Network services vulnerability assessment
• Web application vulnerability assessment
• Network services penetration test
• Web application penetration test