Includes deep-dive vulnerability scan and validation of discovered threats. Testing for OWASP top 10 and other common web development issues. Full standards-based report of discovered flaws and all testing methods.
Scans internal network for configuration errors and known cyber security vulnerabilities, review report for legitimate issues, provide notes on how to remediate issues.
Social Engineering Pen Test includes up to 5 USB drops, spear phishing attempts, credential harvesting, and phone based social engineering.
- These scans look for weaknesses in systems without exploiting the specific weaknesses.
- The scope of vulnerability scans can include network, hardware, operating systems, and software.
- Known vulnerabilities are scored based on a standard system used to evaluate several factors of the vulnerability such as the complexity of exploit and likelihood of exploit.
- Vulnerability scans are typically automated leveraging industry-standard tools.
- Vulnerability scans require a trained security professional to interpret the results to assess the true risk to an organization.
- Vulnerability scans are typically the first step of a security assessment or penetration test.
- Internal Vulnerability Scanning- Scans internal network for configuration errors and known vulnerabilities and provide raw report.
- External Vulnerability Scanning – Scans external IP addresses for known vulnerabilities and provide raw report.
- Microsoft 365 Vulnerability Scan – Scan of Microsoft Office 365 tenant for Indictors of Compromise.