Breaches cost money, time, customer confidence, and your credibility. Penetration testing identifies your vulnerabilities, provides a detailed security audit report, and heightens your security awareness. We offer many pen testing services listed below. If you're looking for another kind of security audit service, please visit our IT Security Consulting page or contact us to get more information from one of our expert cybersecurity consultants.
Penetration Testing Services
Instead of using one-size-fits-all scanners, Spohn’s audits are performed by highly trained, ethical hackers.
External Pen Testing Details
An External Penetration Test, also known as our Perimeter Security Assessment, is performed remotely from the Internet. Unlike purely automated engagements like many of our competitors, each report by Spohn is handcrafted with individually-verified and documented vulnerabilities.
Our expert security consultants, i.e. white-hat ethical hackers, attempt to identify vulnerabilities in your external-facing systems by using automated tools and manual hacking methodologies. Clients can choose the effort level they desire which ranges from simple identification and documentation of vulnerabilities to full exploitation.
Penetration Testing Effort Levels
- Scanning tools hunt for security holes in Internet-facing devices. Clients receive basic reports with raw data.
- Security engineers find probable vulnerabilities, provide a detailed report on hacker methods, and offer remediation recommendations.
- Deploys known attack methods to exploit probable vulnerabilities. This tests intrusion detection and security monitoring systems.
Internal Pen Test Details
Spohn's Internal Penetration Test attempts to discover and validate security vulnerabilities within your network and connected systems. You may not be protecting yourself from disgruntled employees accessing your information, an anonymous user downloading pirated content on your network, or a contractor searching for competitive or budgeting information, etc. Do your current security measures protect your business’ critical assets from within?
Included Test Output
- Our expert consultants initially perform the test from an unauthenticated perspective in order to attempt to identify exploitable vulnerabilities.
- Findings are then validated utilizing ethical hacking methodologies in order to simulate a real-world scenario.
- An authenticated scan is then performed against the internal network to identify any potential vulnerabilities that might exist to a credentialed user.
Web App Penetration Testing Details
Most sites have evolved over years, migrating from purely HTML to PHP/CSS/Joomla/Wordpress and to more complicated cloud-based hosting platforms. Your site may have outdated code or vulnerable, forgotten directories lying under the surface of a quick and attractive modern website. If you're worried about a reportable data breach and the confidentiality of your clients' data, Web App Pen Testing can put your mind at ease.
- We test for all forms of site scripting and injection attacks
- We audit every directory and every file accessible from the Internet
- As an added bonus, we identify code issues and broken links that may be leading to instability or low SEO ranking