Penetration Testing
Home » Services » Security Consulting »
At Intrinium, we believe a first step to review your network vulnerabilities is a Penetration Test. We offer both internal and external penetration tests which are simulated cyber attacks against your entire network/website/domains to check for exploitable vulnerabilities and potential security risks. For the convenience of our clients, we execute tests either remotely from our headquarters or on-site at your company with one of our trusted consultants. These tests are performed with the intention of being the first phase within a holistic process of vulnerability analysis, prioritization, remediation, and maintenance that is our core commitment to securing your environment.
External Penetration Testing
This test reviews the network environment and the strength of the perimeter defenses against an external vulnerability, as well as the security of websites and external applications. Our threat model utilizes thousands of attacks that are used by opportunistic hackers used to compromise organizations every day.
These attacks include:
- Searching for publicly available domain registration for useful information
- Port scanning of network resources
- Identification of systems and services accessible over the Internet
- Brute force attempts with weak or default passwords
- Comprehensive Vulnerability Scanning identifying over 100,000 of the top vulnerabilities
- Manual exploitation of identified vulnerabilities in external applications
- Elimination and confirmation of false positives
Internal Penetration Testing
This test will emulate the action of a malicious actor on the internal network. Our penetration testing goes beyond a simple vulnerability assessment by performing manual attacks such as man-in-the-middle attacks. Our threat model utilizes thousands of attacks that are used by opportunistic hackers used to compromise organizations every day.
These attacks include:
- Port scanning of network resources
- Identification of systems and services accessible over the Internet or through VPNs
- Brute force attempts with weak or default passwords
- Man-in-the-Middle Attacks
- Comprehensive Vulnerability Scanning identifying over 100,000 of the top vulnerabilities
- Manual exploitation of identified vulnerabilities in applications
- Establishing persistence and enumerating the reach of a potential attacker
At the conclusion of any Intrinium Penetration Test, our success will be reflected against project deliverables and validation that meets the following success criteria:
- Completion of external vulnerability and network penetration testing module
- Documentation of detailed test findings and remediation recommendations
- Completion of executive summary testing report
- Completion of firewall assessment
- Documentation of firewall assessment findings and remediation recommendations
We are here to help, contact us today.
The Basics of Security Awareness Training , Part 2
By James Lee - Information Security Analyst: Team Lead - Intrinium Introduction Chances are, you or someone you know has fallen victim to some Information Security attack. Whether it was someone attempting to brute force their way into one of your accounts, or an...
The Basics of Security Awareness Training , Part 1
By James Lee - Information Security Analyst: Team Lead - Intrinium Introduction Chances are, you or someone you know has fallen victim to some Information Security attack. Whether it was someone attempting to brute force their way into one of your accounts, or an...
Cryptocurrency Security 101
By Turner Lehmbecker – Information Security Researcher – Intrinium Introduction With the increasing popularity and value in Bitcoin and other cryptocurrencies like it, many people have become interested in exploring the use of cryptocurrency as potential investments...
Building an InfoSec Program from Scratch, Part II – Establish a Baseline
By Stephen Heath - Partner and Advisory CISO - Intrinium When a new CISO arrives in an organization, they will often walk in expecting to review, assess, build upon, and sometimes undo the work of their predecessor. Obviously, this can be a daunting and unique...
Are you confident that your MSP is safe?
The tools that are used by Managed Security Providers (MSPs) to protect and assist your organization can be the same tools that are used by threat actors to infiltrate your organization. In recent headlines, it was confirmed that three MSPs were hit in ransomware...
Building an InfoSec Program from Scratch, Part I – Understand the Business
By Stephen Heath - Partner and Advisory CISO - Intrinium When a new CISO arrives in an organization, they will often walk in expecting to review, assess, build upon, and sometimes undo the work of their predecessor. Obviously, this can be a daunting and unique...
The Case for Password Management Software
Password Managers do just that, allowing you to almost outsource the storing, memorization, and generation of passwords while maintaining only a single password that you have to remember to access the rest.
Incident Response 101
Incident Response Plans need to be written and tested since the output will probably be used in a court of law.
The Power of Partnership
IT Security and Compliance Assessments are not cut and dry; the data can often be overwhelming, leaving organizations questioning what the next steps are. This is where security consultants come in: our certified experts can guide you through your report findings,...
Self Help for Security Information and Event Services
By Samantha Agather, Information Security Analyst - Intrinium Self Help for Security Information and Event Services Security monitoring is reliant on the data provided. Traditionally, event logs record different activities in information systems are then correlated...