Pen Testing

Thorough Testing, Transparent Communication, Actionable Results

RedLegg's penetration testing experts don’t rely on automated procedures and generic reports. To improve your security posture and provide the best possible defense for your network, we offer...

  • A comprehensive combination of manual and technical processes to deeply test your network’s specific vulnerabilities
  • A detailed report explaining what we found, why those results are important, and the remediations we recommend
  • A dedicated RedLegg consultant to keep you updated and informed throughout your engagement


LEARN MORE
Pen-Test-Pillar-Banner

Pretty much everything you'd need to know about pen testing. 

LEARN MORE

OUR
PEN TEST
SERVICES
INCLUDE

Expertise - Use senior level assessors from a trusted partner to enhance your defense strategy and underscore the current cyber threats faced within your vertical.

  • Testing
  • Assessments
  • Social Engineering

Assessment - Gain insight into many of the risks faced within your enterprise by identifying vulnerabilities and detecting potential breach points for threat actors to exploit.

 

  • Vulnerability Scanning & Assessment
  • Web Application Assessment
  • Mobile Application Assessment
  • Thick/Thin Client Application Assessment
  • Secure Code Review
  • Phishing Assessment
  • Vishing Assessment
  • Physical Vulnerability Assessment

Exploit - Reduce the impact and likelihood of a successful breach and data exfiltration through testing of your organization. Prioritize the biggest threats and strategically plan the necessary roadmap to safeguard your organization.

 

  • Network Penetration Testing
  • SCADA/ICS Testing
  • Web Application Testing
  • Mobile Application Testing
  • Thick/Thin Client Application Testing
  • Wireless Testing
  • Physical Penetration Testing

Deliverables - Show customers and stakeholders your commitment to securing and protecting their most valuable assets against various threat actors.

 

  • Assessments
  • Reviews
  • Reporting

Proven Track Record of High-Quality Results and Detailed Corrective Actions

Rigorous Penetration Testing Protects Against Every Vulnerability

Checking compliance boxes isn’t enough. Penetration testing methods that don’t go beyond technical vulnerabilities leave your organization susceptible to major compromises and breaches, such as business email compromises that automated tools won’t find.

Our penetration testing experts use both technical and deep manual testing methods to uncover the vulnerabilities that high-level attackers will find. They then exit and come back in to simulate the actions of skilled hackers.

With a thorough information-gathering process from the start, we can identify and target the biggest risks first, so you can put remediation plans in place quickly.

Detailed Reporting Empowers Immediate Action

The most comprehensive penetration test in the world is useless if you don't know what to do with the data. Our experts understand that you need to understand the implications of your vulnerabilities, as well as the recommended changes and remediations.

Our detailed reports take a deep dive into your security posture, offering the whys behind our findings, along with recommendations in accessible language. We also walk you through the report to ensure that you feel confident taking subsequent steps to mitigate your vulnerabilities.

Consistent Communication Provides Peace Of Mind

Improving your security posture is about more than technology. It's about retaining the trust of your customers and protecting your company’s reputation. As your information security partner, we want to make sure you feel comfortable entrusting your livelihood to our experts.

When you work with RedLegg, you’ll have weekly touchpoints about what we’re doing, along with when, how and why we’re doing it. We want you to feel confident putting our recommendations into action. A clear communication path between you and your dedicated consultant builds trust through transparency.

Our InfoSec Experts Offer Superior Defense

At RedLegg, information security is not a 9 to 5 job. Our experts run information security conferences. We write articles and whitepapers. We study the industry as a whole to stay ahead of new vulnerabilities and potential attacks.

Our team’s passion is your company’s improved network security.

INDUSTRIES WE PEN TEST

FINANCIAL

LEGAL

INSURANCE

HEALTHCARE

GOVERNMENT

MANUFACTURING

MEDIA & TECHNOLOGY

RETAIL, HOSPITALITY & TRAVEL

REDLEGG'S PEN TESTING OFFERINGS

The RedLegg methodology for conducting Penetration Testing is based on a proven track record of providing high-quality results and detailed corrective actions that can help lower the overall risk of the tested environment. Each assessment, however, is a specialized event unique to each client and application.

crest-certification-logo

Vulnerability Scanning

  • One time or recurring service
  • Discovery of Vulnerabilities on the Scoped Network
  • Automated Vulnerability Scan Tool
  • Internal and External Available
LEARN MORE

Vulnerability Assessment

  • Baseline Assessment of the Scoped Network
  • Mostly Automated with some Manual Testing
  • Assessment from the POV of a Low Skilled Attacker
  • Includes Discovery and Analysis
  • Internal and External Available
LEARN MORE

Network Penetration Testing

  • Full dive into the scoped network
  • Mostly Manual with some automated testing
  • Assessment from the POV of a High and Low Skilled Attacker
  • Includes Discovery, Threat Modeling, Exploitation, and Analysis
  • Internal and External Available
  • Multi-year and Objective-based testing available
LEARN MORE

SCADA/ICS Testing

  • Full dive into the scoped SCADA/ICS network as a specialty penetration test
  • Mostly Manual with some automated testing
  • SCADA/ICS SMEs experienced in this specialized testing
  • Includes Discovery, Threat Modeling, Exploitation, and Analysis
  • Internal and External Available
LEARN MORE

Wireless Testing

  • Thorough Assessment of the scoped Wireless Network
  • Test for signal attenuation and wireless leakage
  • Assessment of breach potential from wireless network to the business network
  • Offline cracking of captured pre-shared key handshakes
LEARN MORE

Black Box Application Assessment

  • Deep Dive Assessment of Applications
  • Assessment from the POV of a High and Low Skilled Attacker
  • Includes Vulnerability Assessment of the Application
  • Available for Web, Mobile and Thin/Thicknet Applications
LEARN MORE

Secure Code Review

  • Application functionality review
  • Code verification
  • Findings report
LEARN MORE

Phishing Assessment

  • One time or recurring service
  • Security Awareness Baseline
  • Stock and Custom Email Templates
  • Security Awareness Training Available
LEARN MORE

Vishing Assessment

  • One time or recurring service
  • Security Awareness Baseline
  • Custom Phone Campaigns
LEARN MORE

Physical Vulnerability Assessment

  • Walkthrough of the Physical Location
  • Review of Physical Security Controls vs Best Practices
  • Observation of Staff
  • Photographic reporting to assist with remediation

Physical Penetration Test

  • Attempt to gain access to the Physical Location
  • Multi-day Reconnaissance and Access Attempts
  • Social Engineering and Physical Bypass Attempts
  • Photographic reporting to assist with remediation

GO DEEPER.

Reach out to our expert staff to dive into your security gaps and to protect your company from breaches.

DISCOVER MY SECURITY RISKS