Manual Pen Testing Assisted with a Continuous Autonomous Solution

With our senior penetration testers and best-in-class service partnerships, you can be assured that you will not only get accurate results, but also get them fast and with minimal effort.

Senior Pen Testers assisted with Autonomous (not Automated) Pen Testing

Our service is different from other pen testing solutions – we combine the lower cost and high frequency testing capabilities of automated pen testing with the expertise, thoroughness, and precision of manual pen tests performed by highly skilled security professionals. The result is an ability to run continuous purple teaming exercises at a low annual cost. Pen testing has evolved from manual, to crowdsourced, to automated, and now autonomous.

Manual Pen Testing

Manual pen testing requires a trained security resource using commercial and specialized tools to explore an application or system and identify weaknesses. The effectiveness (and cost) of a manual pen test is dependent on the time allotted to the test and the skill of the pen tester. That is where we shine. All our penetration testers are seasoned experts in the field with at least 5 years of pen testing experience and multiple related certifications. Start to finish, manual pen tests often take more time but have a narrow focus and are more thorough.

Autonomous Pen Testing

Autonomous pen testing combines the benefits of automated pen testing (more frequent testing, lower costs, and no requirement for internal security expertise) with those of manual pen tests (deeper testing, contextual decision making, and proven exploitability). Autonomous pen testing does not require credentials to start. It can chain together weaknesses like a skilled adversary and automatically generate attack paths to isolate the root cause of an exploit. This allows defenders to understand precisely what changes are needed to protect an application.

Pen Testing Service Offerings
IP, Mobile/Web/API, AD

N-Day Pentesting

Test whether you are exploitable by recent zero-day and N-day vulnerabilities as new threats emerge.

AD Password Audit

Attackers don’t hack in, they log in. Discover compromised credentials and weak passwords in your AD.

Internal Pentesting

Take an “assume breach” mindset to reveal the perspective of an attacker or insider who has already gained access to your internal network.

External Pentesting

Quickly and accurately assess your security posture from the perspective of an attacker trying to breach your perimeter.

Web/Mobile/API

Test if your web / mobile application or API has the protective guardrails in place to defend against attackers, both inside and out.

Service Differentiators Make us the Smart Choice

Ease

Our autonomous pen testing solution improves the capacity of our pen testers and your security / IT team members and helps you measure your improvements over time. We can set up and start these autonomous pen tests in minutes, and we can schedule pen tests to run every day thereafter for continuous risk assessment. There are no required agents to install, no code to write, and no consultants to hire, making our solution easy to maintain and use.

Convenience

While you can always use our senior pen testers for more focused and in-depth tests, the autonomous pen tests lessen the need to search for and hire pen testers every quarter, or even every year. No more lengthy scoping discussions or statements of work. You can kick off and run internal pen tests on demand. You can create pen test attack templates to reuse over and over, and to schedule. Or we can do it all for you.

Accuracy

We are unique because we are doing full exploitations, not simulations or theory. We take exploitations as far as we can, not stopping after the first domain or host compromise. Because we are doing full exploitation, we can show you the true business impact associated with each weakness. We provide proof of exploitation, compromised credentials, and misconfigurations, and show the exact attack paths and methods used via our command/action log. If we cannot achieve compromise, we will not prioritize the weakness. Our goal is to help customers determine how they can be compromised, not to be a noisy vulnerability scanner. We show true exploitability with proof, and because of this, we have a low false positive rate.

Speed

Imagine running a /24 subnet pen test in 5 hours. Because we are autonomous (not automated), we can chain together weaknesses like a skilled adversary and automatically generate attack paths to isolate the root cause of an exploit. This allows pen testers to know exactly what to focus on, and defenders to understand precisely what changes are needed to protect an application. Our service maneuvers through your network, chaining weaknesses together just as an attacker would, and then safely exploits them. It assesses systems with the flexibility and contextual decision making that manual pen testers use, but faster, more completely, and with more actionable results.

How our service works

Reconnaissance

Any successful attack requires intelligence on the target. We start with unauthenticated access to the system, then identify all hosts, misconfigurations, and open ports, and search for credentials.

Maneuver Loop

We orchestrate over 100 offensive tools to discover and exploit weaknesses in your network just as an attacker would. The service moves laterally in your environment by:
• Compromising credentials through credential attacks
• Mining exposed data
• Bypassing security controls
• Exploiting key vulnerabilities and misconfigurations

Verified Attack Plans

To simplify prioritization and remediation, results are provided as “Proofs” with graphical and textual representations of each step in a successful attack. This includes which tactics were used, which weaknesses were identified and exploited, how credentials were obtained, and the paths taken to gain privileges and access to systems.

Impact

We identify and report on data at risk across physical and virtual environments such as misconfigured file shares, insecure data transfer protocols, or weak access controls. We also identify data exposure including payment card information, social security card numbers, and other personally identifiable information (PII) that increases your risk of ransomware and can jeopardize your overall security and regulatory compliance.

Contextual Scoring

We evaluate and prioritize each weakness by its role in the successful attack in your environment – not by the generic base Common Vulnerability Scoring System (CVSS) score. You can quickly identify which weaknesses present the greatest threat to your organization and must be addressed immediately, and which can be safely deferred.

Actionable Remediation

We provide precise and actionable remediation guidance, allowing security and operations to resolve issues at the root cause quickly.

Meaningful Reporting

We deliver a rich – and always growing – set of reports for you to use throughout your workflow, including the Executive Summary and Fix Actions report. The reports are easily customized and co-branded.
