As a Penetration Tester, you will actively exploit vulnerabilities and use what we find to help develop solutions that can secure the enterprise. Our assessment process includes four components.
Working with the customer to take stock of system elements, including networks, applications, and mobile assets. Gather key information including registration data, operating system, patch, and service version information, and system and application configurations.
Based on what we learn during the discovery phase, you will then take steps to challenge them. Using a variety of applicable tools, including in-house and commercially available programs, you will create a real-world scenario where you attempt to compromise system, application, and mobile security, gain unauthorized access to resources, or disrupt and exploit system services.
As a security expert, you will exploit vulnerabilities detected during the identification stage, to determine the level of impact to the enterprise, had someone with malicious intent attempted the same action.
If access to any vulnerable hosts are achieved, you will attempt to escalate privileges on these exploited systems and leverage this access to gain additional access into the network you are testing. During this stage multiple different cutting edge techniques will be used to identify multiple potential ways to compromise a customer’s network and then provide recommendations for remediation.
You’ll need to have:
Even better if you have: