Physical penetration testing is an assessment of the physical security controls of an organization. Much like traditional network penetration testing, you are measuring the security of a system, and in this case, it happens to be in the physical world. The consulting...
In today’s world, massive data breaches and sophisticated malware litter news headlines. Unfortunately, it often feels as though it’s more when your organization will fall victim, rather than if. Still, many organizations choose to only meet baseline...
We conduct a wide variety of assessments for a wide range of clients. We provide assessment services for universities, health care companies, law firms, telecommunication providers, and many more. Some of our clients have mature infrastructures, while others are still...
Clients often ask if they should keep the same penetration testing vendor each year or rotate. While we hate to have our clients depart and pride ourselves in cultivating a partnership with them, we always adhere to giving unbiased advice. Unfortunately, it’s...
The majority of our internal penetration tests are at least a week long. While we generally have a drop box sent to the client to enable our access to the network, we have to consider efficiency as well. Ensuring persistent access in a network is vital to that...
Welcome to the second edition of Pentest Tales, a blog series that walks through real-world pentests we’ve performed in the past. The purpose of this blog is not just to share the “owning” of a domain, but to provide education as to why a domain was...
