ASSESSMENT & TESTING

Penetration Testing

Carefully and systematically playing the role of a determined hacker, Breadcrumb exposes your organization to real-world hacking scenarios.
Overview

A Penetration Test provides your organization with a unique birds-eye view of the effectiveness of your security posture. Newer companies may not yet have a handle on their network security. Conversely, more mature companies often have large, multi-faceted networks with easily overlooked elements – particularly as more organizations move to cloud-based systems. Both scenarios leave the potential for catastrophic breaches.

During Penetration Testing, Breadcrumb engineers will carefully and systematically play the role of a determined hacker. Simulating sophisticated real-world attack strategies – actual hacking tools and industry-leading frameworks are leveraged to identify and exploit configuration deficiencies.

"Ransomware damage costs will rise to $11.5 billion in 2019 and a business will fall victim to a ransomware attack every 14 seconds at that time." - Cybersecurity Ventures

Assessment Categories

Active Directory Assessment
Website Security Testing
External Penetration Testing
Internal Penetration Testing
Web Application Testing
Mobile Application Testing
Office 365 Security Assessment
Cloud Security Assessments
Social Engineering
Wireless Assessments

The Process

1.
Network
Scope

Effective communication with your organization is emphasized to create an operating environment that is comfortable for both parties. Variables such as IT assets, IP scopes, engagement timelines, and rules of engagement will be discussed.

2.
Information
Gathering
Employing numerous reconnaissance strategies, Breadcrumb engineers will collect as much information as possible on the Client’s organization. The harvested information will allow Breadcrumb engineers to assess potential risk, exploitability likelihood, and ultimately guide the decision on the chosen attack vector.
3.
Enumeration
& Scanning
Utilizing a variety of automated tools, scripts, and other methods of advanced information gathering, Breadcrumb engineers will enumerate and validate attack surfaces.
4.
Attack
& Penetration
After careful and intentional preparation, the engagement focus turns to the exploitation of isolated vulnerabilities. Breadcrumb engineers will otherwise attempt to prove the existence of conceptual attack vectors while preserving the integrity of the network.
“The team at Breadcrumb demonstrated their ability in detecting cyber threats – improving the security of our organization.”
— Jim Ronyak, Dr. Director of Technology | Mercatus Center at GMU