Penetration Testing

Penetration Testing

Why It's Important

There are two main reasons why Penetration Testing is important: 1) it is required for compliance with requirements such as HIPAA or FISMA or 2) to discover any deficiencies in your networks. With growing threats, increasing attack sophistication, mandates for security compliance, and the pressure to protect corporate data, it is important to ensure your organization's defenses functioning as designed.

How We Can Help

CompliancePoint’s Penetration Testing methodology involves a comprehensive analysis of publicly available information about your target systems and configuration documentation. This assessment includes a mix of manual and automated scanning penetration techniques to identify the impact of vulnerabilities identified and understand the overall security behavior of the target web application, database, and/or firewall.

Simply, CompliancePoint's experts will conduct ethical hacking that will help identify areas of exposure that may be putting your organization’s data at risk of exposure to internal and external threats and/or regulatory violations.

CompliancePoint also offers annual penetration testing for customers requiring ongoing testing for HIPAA and FISMA compliance.

CompliancePoint's qualified security consultants will conduct internal and external pen testing of the following areas:

  • Network

    Our experts will attempt entry through the routers, switches, firewalls, load balancers, and any infrastructure you have in place to connect your systems.

  • Platform

    Our experts will enter the servers (i.e. Windows, Linux, etc.) in an attempt to penetrate any exposed services like authentication, file transfer, and file shares.

  • Application

    Our experts will conduct testing against specific applications to identify existing vulnerabilities and enable you to protect the data held within those applications.

  • Wireless

    The Wireless Penetration Test is designed to mimic attempt entry through the Wi-Fi connections and any wireless infrastructure you have in place to connect your systems.

  • Phishing & Social Engineering

    With our Phishing Penetration Test, our experts will use ethical tactics to phish your staff through email, phone, in-person, and/or social media as a method of identifying modern social threats and arming your organization against them.

Our Areas of Expertise

Our assessors and consultants are experts in the focus areas as they pertain to information security and protecting data assets.

Learn More >>

Webinar: Color Theory as a New Approach to Data Security
Receive Updates, Alerts & Holiday Reminders