NETWORK PENETRATION
TESTING
The perimeter of any organization is its first line of defense. The ever-growing sprawl of internet-facing services exposes a massive attack surface that needs to be secured. And if this first layer has been breached, can your internal network stand up to the advanced pivoting and persistence techniques today’s blackhats use? Abricto Security uses bleeding-edge exploits and attack patterns identical to those used by actual threat actors. We offer both internal and external network penetration tests that gauge your organization’s security posture and provide actionable recommendations to minimize risk.
Purpose
Our certified penetration testers pinpoint vulnerabilities in your network, servers, firewalls, system configurations and more. Abricto Security utilizes state of the art commercial and custom tool sets to provide maximum value to our clients. Our penetration tests follow rigid guidelines to ensure no attack vector is left untested. Frameworks we align with include OSSTMM, NIST and PTES. We specialize in customer satisfaction by meeting tight deadlines without cutting corners.
Internal Areas of Focus
- IPv6 exploit vectors
- LLMNR and NBTS poisoning
- ARP poisoning
- NetNTLMv2 relay attacks
- Kerberos exploitation
- Unpatched service-specific exploits
- Living off the land
- Password strength
- Privileged identity management
- Server hardening
- Security operations center visibility
External Areas of Focus
- Unsecured cloud resources
- Google Cloud
- Azure
- AWS
- Exposed management interfaces
- Deprecated or vulnerable software
- Single sign-on solutions
- Unhardened VPNs
- Office 365
- Publicly exposed information
- Github
- Pastebin
- Shodan
Deliverables
- Comprehensive security findings report detailing systems targeted, vulnerabilities identified, exploit walk-throughs and remediation guidance.
- Executive debrief to quantify business risk.
- Technical debrief to discuss exploit scenarios, remediation recommendations and next steps.
- Testing artifacts to replicate findings and test efficacy of remediations.
Our team’s collective hacking history makes it so no security risk is left unturned. Network penetration testing provides critical insights to exploitable vulnerabilities in your network defenses. We provide PCI DSS, FISMA, HIPAA and SOC2 security checks to ensure your compliance needs are met.