Penetration Testing

Kryptos Logic penetration testing is a carefully executed service performed to simulate real-world attacks. Real attacks are defined by malicious hackers and technology savvy criminals, not by security industry compliance and specification. Kryptos understands this conundrum and that each client architecture is unique with differing scales and requirements.
Far too often, self-proclaimed security companies or specialists naively rely on automated scanners which only check for compliance and known vulnerabilities, making it difficult to determine which security company will offer you the best comphrensive services and tell whether your organization is truly vulnerable.
We deliver an unmatched level of assessment well beyond industry standards and compliance. Utilizing the Kryptos DTER methodology, our team will analyze the very fabric of your attack surface and subject your organization to a multitude of attack vectors. Whether decrypting network traffic, web application manipulation, dissembling client code, fuzzing for unknown vulnerabilities, or implementing a zero day exploit, Kryptos Logic is determined to ensure a client is as secure as possible.

Multi-Phase Methodology (DTER)

D

iscovery

Non-invasive reconnaissance of the target organization is explored to measure the potential attack surface.

T

hreat Modeling

Potential threat agents and business assets are evaluated, assessed and defined based on the client profile.

E

xploitation

Discovered vulnerabilities are exploited in order to establish access to a system or resource.

R

eporting

Thoroughly document meaningful methods, results, and recommendations





image description

We have the people

Well-trained and experienced security specialists are key to a successful penetration test. We have made significant security contributions with companies and organizations around the globe such as Avaya, AOL, IBM, and Microsoft, among others. Our team has developed widely used security products, publicly disclosed vulnerabilities, and regularly participates in prestigous industry sponsored events.

We got the tools

When it comes to auditing client systems, Kryptos Logic has a variety of tools and resources to choose from, depending on the environment being audited. A judicial mix of industry standard and propeitary tools ensures we give the most comprehensive testing.

What can our penetration testing do for you?

  • Help satisfy requirements for PCI, HIPAA, SOX, GLBA, NERC and FISMA
  • Retrace an attackers steps to find the origin of breach for forenics or incident response
  • Avoid being another statistic or news headline
  • Improve overall security posture

We can work with multiple architectures and systems

  • Web sites (general)
  • Web applications and portals
  • Workstations, Endpoints, Mobile devices
  • Cryptographic or Network Protocols
  • VPN gateways
  • Firewalls
  • IPV4, IPV6 Networks (WAN, LAN, WiFi)

  • Voice over Internet Protocol (VoIP)
  • Content Management Systems (CMS)
  • Enterprise Resource Planning (ERP)
  • Industrial Systems, SCADA
  • Storage and Backup systems
  • Client-side attacks and phishing
  • Custom Services and Applications