Some have asked why each testing service has tiers, and do not have commonly offered features such as debriefings, detection/mitigation assistance, remediation verification, or in some cases, even a customized report.
We attempt to remain as a la carte as possible with the features offered for each service, allowing you to only pay for what you want and need. For example:
Bottom line, why should we charge you for features you do not plan to use? Offering these tiers of services allows us to lower the the cost so you only pay for what you use.
Because computer security is such a fast-changing industry, we continually mold and update our methodology from a combination of industry standard evaluation/pentesting methodologies and intel based techniques, tactics, and procedures (TTP) such as:
We also rely heavily on:
For specific methodology information of each service, view the Services page and click on each service. If you have any questions, please reach out to us for additional information on our Contact Us page.
Our company slogan is, Rock Solid Security, which is based on Matthew 7:24. The hardest rock on the Earth is a diamond. Our logo is a diamond molecule, flattened to a 2-D image, with the string, Rock Solid Security, in binary, encircling it.
This is a general order and timeline. After the first step, some of the phases run simultaneously. During a typical engagement, PEN Consultants will:
Not only can the technical damage be detrimental to an organization, but a damaged reputation and the expenditures to fix the damage after an attack can also be catastrophic.
Should security testing (vulnerability scanning, web app pentesting, etc.) be performed through a full protection stack (firewall, IPS, WAF, email filter, etc.), or should the tester’s IP be white listed?
Bottom line: You are highly encouraged to white list the tester’s IP address from any active interference in your protection system(s). The faster we can identify your vulnerabilities, the more thorough we can be, and the cheaper it is for you. Note: In this context, white list means to move the tester’s IP into a policy that still prevents access as intended for a given source, but changes any active protections (ex. IDS/IPS) to a monitor/alert-only mode, as to not prevent interference.
You may be required to do so anyway, depending on various compliance standards you may fall under. The only exception is if you are a vendor seeking testing of a protection product (firewall, IDS/IPS, etc.) you have developed.
More about this topic can be read here: Shields Down Security Testing
When choosing a security testing company to perform penetration testing, red teaming, etc., there are a few things you should consider to guarantee that you find the optimal company for your situation.
Read more on that topic here: https://penconsultants.com/compare
REMOTE: Other than Wireless Testing, this is the default for all testing services. The security tester never physically visits your site. Although a remote evaluation will not address “physical” attacks, it will ensure you have a measured level of security from remote threats.
ON-SITE: The security tester goes on-site on multiple occasions to perform local assessments in addition to remote assessments. Advantages to on-site testing is the ability to assess wireless/wired infrastructure, physical access attacks, more thorough social engineering attacks, etc.
On-site testing is certainly more effective as it helps protect you against local and remote attacks. However, if your organization is not concerned with the local attack vectors, then remote testing may be all you need.
Additional fees for On-Site Testing:
In addition to the cost of the service you select, there is a two-part additional fee for on-site testing. The first is the mileage fee of $3 per mile from 78006. The second part is the number of days needed and what the testing includes. At minimum, this part of the fee is typically $200-400 per day. Example: a small testing engagement in Dallas might be (275 miles x $3 per mile from 78006) + $350 = $1,175. That is, $1,175 in travel expenses, in addition to the cost of the engagement itself.
What is the difference between "Vulnerability Scanning," "Vulnerability Assessments," "Penetration Testing," and "Red Teaming?" What do they mean? Which one do you need performed on your systems?
For a detailed look at this topic, and to make an informed decision about which testing best meets your organization’s needs, check out this blog post: Red Teaming vs Penetration Testing vs Vulnerability Scanning vs Vulnerability Assessments
Clients often want to know the progress during testing, and sometimes IT/SOC staff want to know if a recent change in a configuration or activity is related to our testing (vs. a possible unauthorized attacker). Because of this, during testing, we relay information in the following ways:
You may have heard the term black-hat to refer to a hacker or white-hat to refer to a security consultant, such as a Pentester/Red Teamer. The differences really only vary in intent and outcome.
The balance of white/black box testing is a decision you will ultimately make based on your budget, risk concerns, and internal policies. PEN Consultants can help you determine the balance of testing you need during the no-obligation scoping phase.
Bottom line: White box testing is always going to give you the best ROI. A security tester’s objective is to help you find your weaknesses and address them.
For more information on this topic, read here: Gray Box vs. Black Box vs. White Box Testing
Absolutely! Insider Threat Simulation services fall nicely under our Red Teaming services. However, we can model the threat under just about any of our services: web app testing, penetration testing, wireless assessments, etc.
OUTSIDER’S PERSPECTIVE: Standard testing is conducted from an outsider’s perspective. This usually means the network is attacked remotely, visits to the campus are stealthy and/or “blend into the crowd,” and there is no “pre-authorized” access to any resource such as to doors, computer accounts, email, etc. The security tester would have the same level of access a “visitor” would have.
INSIDER’S PERSPECTIVE: The insider’s perspective simulates an attack by an employee, authorized contractor, or product owner. Typically during this test, the security tester will be granted access to certain doors/rooms and/or given a limited user computer account (just like an employee would have). It could also mean the tester (or at least a network connected device or software) may be on-site for 8+hrs per day in a place such as an office.
FOR CONSIDERATION: PEN Consultants will offer a custom blend of both perspectives based on your organization’s perceived risks and comfort level in granting us an “insider's level” of access. Another advantage to the insider’s perspective is the ability to evaluate the product(s) more quickly and thoroughly. “Outsider’s perspective” is time-consuming and not as likely to reveal as much within the constraints of time given for testing compared to having full access. The degree of access will be discussed and determined during the scope meeting(s).
According to the 2012 CyberSecurity Watch Survey, 24% of attacks are from an insider; 51% of corporations say the insider attacks have cost more money than outsider attacks.