Penetration Testing
The Penetration Testing Division simulates tactics, techniques, and procedures used by malicious actors to attempt to compromise agency security.
- Utilizes exploitation to display risk
- Active attempts to enter the network
- Trusted agent model to test security response procedures
- Comprehensive technical report along with executive out brief
- One person on site, the rest is done remote
- Scheduled for two weeks
Offensive Security
Penetration Testing Services
Proactive testing to uncover exploitable weaknesses before adversaries do. Engagements are coordinated with a trusted agent and scoped to minimize disruption.
Network (Internal / External)
- AccessSecure remote access or two dedicated switch ports with IP assignments.
- ScopeAuthorized external ranges provided to CSRF trusted agent.
Web & API
- DepthBlack-box (non-credentialed) and optional credentialed testing.
- CoverageOWASP Top 10, auth/session, input handling, business logic.
Wireless
- On-sitePerformed in range of agency facilities.
- DetectionRogue AP discovery, weak encryption & misconfigurations.
Phishing Campaigns
- PhasesTwo iterative waves to measure improvement.
- GuardrailsPre-approved templates, safe links, and reporting workflow.
On This Page Jump Links
On