Our attack and penetration (A+P) testing engagements are performed by Certified Ethical Hackers and a Licensed Penetration Tester, the highest certification available in the IT security field. Snodgrass’s approach effectively identifies risks through both internal and external testing and social engineering.
We have the ability and prefer to perform all testing remotely, to eliminate billing our clients for expenses and taking up on-site desk space. Read more about our remote A+P testing in this white paper and this brochure.
Some highlights from our attack and penetration tests include:
- We utilize Core Impact Professional and Metasploit Pro, which we believe to be among the best exploitation software on the market.
- We use Tenable’s Nessus product and Rapid7’s Nexpose product to provide two different views of vulnerabilities; these perform both authenticated and unauthenticated scans.
- We follow a layered security approach and verify our results to ensure threats discovered are real threats and not false-positive results.
- We use a combination of automated tools and manual processes to review the security of your network.
- We provide a non-technical executive summary as well as an extremely detailed report that identifies the risk, details our observations during testing, and provides remediation plans for our observations.