Nexigen Penetration Testing

The Nexigen Cyber Security Penetration testing process starts with a vulnerability scan to create a security baseline and bring visibility to potential security threats with network devices, servers and desktops (anything on the network).​  Then we start a penetration test which uses the information collected by the vulnerability scan and attempts to bypass network cyber security and achieve administrative access on the network.​

A detailed report is produced illustrating how the findings were discovered and what techniques were used. ​ A summary report is created listing the findings and recommendations ad actionable items.  ​The final reports are usually delivered a couple of weeks after the testing is concluded, depending on the volume of findings. We will set a more exact timeframe when testing is concluded.

Free Consultation
Cybersecurity Pen Test Cincinnati, Oh

Basic Pen Testing Services

Includes deep-dive vulnerability scan and validation of discovered threats. Testing for OWASP top 10 and other common web development issues. Full standards-based report of discovered flaws and all testing methods.

Scans internal network for configuration errors and known cyber security vulnerabilities, review report for legitimate issues, provide notes on how to remediate issues.

Social Engineering Pen Test includes up to 5 USB drops, spear phishing attempts, credential harvesting, and phone based social engineering.

  • These scans look for weaknesses in systems without exploiting the specific weaknesses.​
  • The scope of vulnerability scans can include network, hardware, operating systems, and software.​
  • Known vulnerabilities are scored based on a standard system used to evaluate several factors of the vulnerability such as the complexity of exploit and likelihood of exploit.​
  • Vulnerability scans are typically automated leveraging industry-standard tools.​
  • Vulnerability scans require a trained security professional to interpret the results to assess the true risk to an organization.​
  • Vulnerability scans are typically the first step of a security assessment or penetration test.
  • Internal Vulnerability Scanning- Scans internal network for configuration errors and known vulnerabilities and provide raw report.​
  • External Vulnerability Scanning – Scans external IP addresses for known vulnerabilities and provide raw report.​
  • ​Microsoft 365 Vulnerability Scan – Scan of Microsoft Office 365 tenant for Indictors of Compromise.

Advanced Pen Testing Services

  • Network penetration tests are the next logical progression of cyber security testing following vulnerability scans.​
  • Network penetration testing uses the results from a vulnerability scan along with the tester’s experience and attempts to bypass cyber security by exploiting vulnerabilities.​
  • A goal is defined, like gaining administrator access, as part of the test. ​
  • Network penetration tests focus on avoiding detection while attempting to gain an elevated level of access to a network. ​
  • Tests of this nature are performed by a certified ethical hacker who is constrained by the scope of engagement.​
  • The quality of the penetration test is determined by the professional performing the test.​
  • Penetration tests exploit external, internal, and application weaknesses in systems using manual and automated attack techniques to accomplish the stated goal.
  • Application Penetration Tests are like Network Penetration tests, with the distinction being a specific focus on applications.
  • Application Pen Tests will attempt to break or trick the application by injecting bad data, bypass logins, elevate a user’s permissions or access, extract data from the application, or deny the users the ability to use the application.
  • Application Pen Tests validate if the application is following secure programming techniques like validating inputs, catching HTML injection, preventing SQL injections, preventing cross site scripting, and validating users. ​
  • Application Pen tests will typically test the application from an unauthenticated user scenario and an authenticated user scenario. ​
  • Unauthenticated user testing will attempt to break into the application without valid user credentials. This approach will test if unauthorized access to the application can be accomplished.​
  • Authenticated user testing will access the application using valid user credentials; attempts to bypass application cyber security, extract information, elevate permissions, etc. ​
  • Nexigen works with clients to determine rules of engagement to measure success.​
  • Social Engineering Penetration tests consist of utilizing techniques like physical reconnaissance, phishing ( spear phishing, phone phishing, email phishing), USB drops, credential harvesting, and impersonation to gain access to a designated target.​
  • Nexigen works with clients to determine rules of engagement to measure success.
  • Goal is to help organizations understand what attack vectors can be used​
    against them by manipulating their people and processes.
  • These scans look for weaknesses in systems without exploiting the specific weaknesses.​
  • The scope of vulnerability scans can include network, hardware, operating systems, and software.​
  • Known vulnerabilities are scored based on a standard system used to evaluate several factors of the vulnerability such as the complexity of exploit and likelihood of exploit.​
  • Vulnerability scans are typically automated leveraging industry-standard tools.​
  • Vulnerability scans require a trained cyber security professional to interpret the results to assess the true risk to an organization.​
  • Vulnerability scans are typically the first step of a cyber security assessment or penetration test.
  • Internal Vulnerability Scanning- Scans internal network for configuration errors and known vulnerabilities and provide raw report.​
  • External Vulnerability Scanning – Scans external IP addresses for known vulnerabilities and provide raw report.​
  • ​Microsoft 365 Vulnerability Scan – Scan of Microsoft Office 365 tenant for Indictors of Compromise.
maria reynolds

Nexigen provides all our IT Infrastructure. The one-stop Help Desk for our employees allows our internal IT department to stay focused on software applications and business support. As well, Nexigen provides on-site services upon request. The knowledgeable staff and flexibility in services are perfect for our mid-size Company. Nexigen’s IT Infrastructure support has enable exponential expansion of finance branches and retail locations.

Maria Reynolds, IT Administrator, Eagle Finance, Florence, KY
Curtis Edwards

Have an IT Guy in Every Cubicle!

There are many positive changes since Nexigen started serving our IT needs, but the most noticeable change is the near instant service any day any time. And it’s not just answering the phone, they are almost always able to fix my problem very quickly. It’s like having an IT guy in every cubicle. The instant response and fast resolution of issues it what sets Nexigen apart. Don’t hesitate, they prove their worth immediately. You have all the resources you need without paying them to game in the server room. If that is appealing to you, do it!

Curtis Edwards, ThreeBond International, West Chester, OH

Piece of Mind – Sleep Well at Night!
The biggest benefit of using Nexigen is piece of mind. Knowing that they are managing our IT and watching our back is a tremendous benefit to us. I like to sleep well at night and knowing that Nexigen will be there for us when we need them most lets me do that. They respond timely and have most issues resolved in a short amount of time. Even issues I expect to take considerable time are resolved quicker than I expect. You aren’t going to find more knowledgeable IT people that are easier to work with than Nexigen. Just do it!

Mark Bates, Chief Operating Officer, Wealthquest, Cincinnati, OH

Responsive and Knowledgeable – Leave Your IT to the Pros.

Nexigen allows us to focus on our core business instead of worrying about managing our IT infrastructure. Also, they were able to quickly recover from a ransomware attack quickly and efficiently with very little interruption to our operations. The team is responsive and knowledgeable. I always get through promptly when support is required.

Paul Hayes, President, Able Tool, Cincinnati, OH

A True Partner Developing Solutions for the Future.
Nexigen has been a true partner for us. They really take the time to understand our future goals and provide solutions not just for the moment, but the future of our organization.

Jeremy Bolling, CFO, Conger Construction Group, Lebanon, OH
Joseph Schimpf

I’ll Have What They’re Having

We have been Nexigen customers for 10+ years and we consider them a vital part of our team. The multiple layers of service that Nexigen provides set them apart from other IT providers and give my firm the quick answers we need at times, as well as the expertise for bigger issues or upgrades. The Nexigen Help Desk is always accessible to troubleshoot minor issues that might arise, while the sales and experienced tech staff that really understand our firm’s existing systems and needs are also just a phone call away. The biggest differentiators that I have noticed are 1) accessibility and responsiveness and 2) accurate pricing and timing estimates.

Joseph Schimpf, Schimpf, Ginocchio, Kehres & Clark, LLC, Cincinnati, OH

Request a Free Consultation

A tech professional will get in touch with you to discuss your specific IT needs.