Pen Testing Services & Red Team Operations
Our pen testing services including internal and external pen test provide a comprehensive threat assessment. A FoxPointe Solutions cybersecurity threat assessment identifies the various information assets that could be affected by a cyberattack, and then identifies the various risks that could affect those assets.
Leading Edge Pen Testing Methodology
All of our pen testing services follow the offensive security concept, which simulates the Tactics, Techniques, and Procedures (TTP) utilized by an attacker. Our pen testing methods involve an active analysis of the attack surface for any vulnerabilities and misconfigurations, as well as the active exploitation of those vulnerabilities and misconfigurations.
Technical Pen Testing Services
Our team of red team security experts has the experience and capabilities to perform different types of pen testing that attack an organization’s digital infrastructure, just as an attacker would, in order to test the organization’s defenses. All pen testing engagements and objectives are individually scoped based on the requirements of our clients. Typical engagements include:
- External Pen Test: We simulate the position of an attacker and utilize TTPs to attempt to compromise a client’s infrastructure from the outside.
- Internal Pen Test: We focus on simulating a real-life attack, testing internal defenses, and mapping out paths that an attacker could take to fulfill a real-world goal once a foothold is achieved inside a client network.
- Social Engineering: Typically taking the form of a phishing campaign, we test the mechanisms and policies relating to the email path security controls (i.e., anti-virus, workstations, IDS, spam, email server) as well as the security awareness of the client's personnel.