Veris Group’s penetration tests, whether internal or external, white-box or black-box, are designed to emulate the threat landscape our customers face. We have developed an adaptive penetration testing methodology that focuses on real threat sources specific to a target environment to develop relevant attack vectors. This methodology enables us to reduce the time and cost required, while performing comprehensive penetration tests that meet government agency and organizational requirements. Our tests are consistent, repeatable, and measurable within tightly-defined testing periods to provide our clients with valuable insight into the real-world risks of system vulnerabilities and business impact of network intrusions.
Our approach thoroughly analyzes customer systems, and identifies vulnerabilities and potential attack vectors. We attempt to leverage publicly available exploitation techniques if available, or build custom exploits to penetrate the infrastructure if needed. Penetration testing can range from breaching single hosts to gaining deep access into the network, based on customer requirements. Our penetration testing services include:
- Black-Box (no knowledge), White-Box (full knowledge) and Grey-Box (limited knowledge) assessments.
- External network penetration tests to identify and target externally exposed attack surfaces and simulate outside attackers.
- Internal network penetration tests to assess a system’s resistance to attacks by informed insiders, or the impact of an initial breach by external attackers.