Penetration Testing Services

Approach

CyberX’s network penetration testing service employs a comprehensive, risk-oriented approach to manually identify critical security vulnerabilities that exist on all networks, systems and hosts.

1. Information Gathering
2. Threat Modeling
3. Vulnerability Analysis
4. Exploitation
5. Post-Exploitation
6. Reporting

Using this industry-standard approach, CyberX’s comprehensive approach covers the classes of vulnerabilities in the Penetration Testing Execution Standard (PTES) and the Information Systems Security Assessment Framework (ISSAF) including: CDP attacks, MIME testing, DNS enum/AXFR, SMTP relay, SNMP recon, port security, brute force, encryption testing and more…

Manual Testing vs Automated Testing

CyberX’s approach consists of a majority manual testing a small amount of automated testing – in accordance with the threats facing a client. While automated testing enables efficiency, it is effective in providing efficiency only during the initial phases of a penetration test. At CyebrX, we believe that an effective and comprehensive penetration test can only be accomplished through rigorous manual testing techniques.

Tools

In order to perform a comprehensive real-world assessment, CyberX utilizes commercial tools and the same tools that hacker use on  every assessment. Once again, our intent is to assess systems by simulating a real-world attack and leveraging the many tools at our disposal.

Reporting

We consider the reporting phase to be the most important. CyberX strives to provide the best possible customer experience and service. As a result, our report makes up only a small part of our deliverable. We provide clients with a plan to correct the problems discovered during a test. We also help our clients in actually implementing more secure systems. We don’t just want to show you your problems – We want to help you fix them!