Penetration Testing & Red Team Operations
For comprehensive threat assessment, a FoxPointe Solutions cybersecurity threat assessment identifies the various information assets that could be affected by a cyberattack, and then identifies the various risks that could affect those assets.
Leading Edge Methodology
All of our testing follows the offensive security concept, which simulates the Tactics, Techniques, and Procedures (TTP) utilized by an attacker. Our methods involve an active analysis of the attack surface for any vulnerabilities and misconfigurations, as well as the active exploitation of those vulnerabilities and misconfigurations.
Our team of red team security experts has the experience and capabilities to perform different types of penetration testing that attack an organization's digital infrastructure, just as an attacker would, in order to test the organization's defenses. All engagements and objectives are individually scoped based on the requirements of our clients. Typical engagements include:
External Penetration Testing: We simulate the position of an attacker and utilize TTPs to attempt to compromise a client’s infrastructure from the outside.
Internal Penetration Testing: We focus on simulating a real-life attack, testing internal defenses, and mapping out paths that an attacker could take to fulfill a real-world goal once a foothold is achieved inside a client network.
Social Engineering: Typically taking the form of a phishing campaign, we test the mechanisms and policies relating to the email path security controls (i.e., anti-virus, workstations, IDS, spam, email server) as well as the security awareness of the client's personnel.