Penetration Testing

Redspin combines penetration testing with a vulnerability assessment to identify and validate threats or weaknesses that could compromise your IT security. Our IT security experts use "best-in-class" scanning tools to perform vulnerability assessments that identify the highest potential risk to your environment. We then conduct penetration testing (ethical hacking) to manually simulate real-world network attacks, mimicking the tactics employed by malicious outsiders. The result is an IT security report of findings and a detailed risk analysis with actionable recommendations to help you better protect your IT security including network infrastructure, critical systems, and confidential data.

External Penetration Testing (Public-Facing IP Addresses)

Penetration testing services for Internet-accessible devices and services such as web servers, firewalls, routers. DNS, remote access, etc. Our external network security risk assessment utilizes a risk-based approach to manually identify critical infrastructure security vulnerabilities that exist on all Internet-accessible services within scope.
read more

Internal Penetration Testing

Penetration testing services for internal servers, firewalls, routers and switches, email and DNS services. Our internal network security risk assessment utilizes a risk-based approach to manually identify critical infrastructure security vulnerabilities that exist on targeted, internal systems within scope.
read more

Wireless Security Penetration Testing

Penetration testing services for wireless infrastructure, including access points, controllers, firewalls, etc. Our wireless network security risk assessment utilizes a risk-based approach to manually identify critical infrastructure security vulnerabilities that exist on all wireless infrastructure within scope.
read more

Other Infrastructure Penetration

Custom security assessments and security risk analysis are available for other types of infrastructure or devices. Send us your requirements and we will tailor a security solution to address your needs.
contact us

More on Penetration Testing

The term "penetration testing" is often used interchangeably with "network security assessment". In most cases though, the purpose of a penetration test is to focus on a very specific set of computer systems or networks. Penetration testing is also known as a "pen test". An external pen test targets an organization's external IP address space, such as publicly-facing web servers, DNS servers, e-mail servers, and firewalls. The objective of a pen test is to determine if an external hacker can infiltrate the network and then go on to gain further unauthorized access to internal systems or confidential data.

For internal penetration testing, a security engineer connects to your internal network and attempts to gain unauthorized access to sensitive organizational resources. During an internal pen test, the security engineer is network level connected but has no other credentials, such as a user account on the domain or on a corporate software application.

In contrast, network security assessments or network security audits generally refer to a broader, more encompassing scope of work that may include an external penetration test and/or an internal penetration test, as well as other assessments such as web application, wireless security, mobile device, and IT compliance or policy reviews.

more
"You guys are like the "A" Team. You helicopter in, you get rid of the bad guys, you take care of business."
- Redspin Customer