Colorado-Based Cybersecurity Company – Managed Business I.T.

Menu
Menu

Penetration Testing

Penetration Testing

Image
solutions
Image

Think Like A Crook To Secure Like A Pro.

At Valkyrie, we practice what we preach. We utilize the Center for Internet Security Controls’ (CIS) standards for penetration testing.
Using both our Red and Blue Teams, we can create a comprehensive approach to identifying weaknesses in both your physical and cyber securities.
What is penetration testing?

Penetration testing is exactly what it sounds like – testing how far a threat actor can penetrate into your business. 

 If you’ve seen a spy movie, you can fully understand the damage a jump drive can do in the wrong hands.

On the cybersecurity side, we are looking for holes in the existing framework that could be potentially exploited by a threat actor.
Image

Reveal, Re-Assess, Resecure

Image
Security Starts Before Your Doors

Physical: Identify what is in the area that can be utilized by a threat actor, like lack of lighting or power to the building. 
Cyber: Many businesses have guest WiFi extending to the parking lot. What outside access can someone have into your network?

Image
Evaluate The Assets

Physical: Identify and catalog physical assets like your servers, networking equipment, and endpoints within the facility.

Cyber: Identify and document virtual assets, networks, and systems accessible remotely

Image
Protect The Data

Physical: Evaluate physical security measures for data protection, like secure storage and access controls.

Cyber: Assess data protection measures for virtual assets, emphasizing encryption and access controls. 

Image
Secure Configurations

Physical: Verify all physical devices have secure configurations to minimize potential vulnerabilities. 

Cyber: Examine secure configurations of remote assets, focusing on servers, routers, and firewalls. 

Image
Account Management

Physical: Assess physical access controls, like employee and guest badging, and account management processes.

Cyber: Evaluate remote access controls, multi-factor authentication, and account management practices.

Image
Incident Response

Physical: Simulate physical security incidents to evaluate the organization’s incident response capabilities.

Cyber: Simulate cyber incidents, assessing the organization’s ability to detect and respond remotely. 

Image
Continuous Monitoring

Physical: Test the effectiveness of physical security monitoring, including surveillance systems. 

Cyber: Evaluate the organization’s ability to monitor and respond to security events remotely

Image
Network Security

Physical: Assess the physical network architecture and controls.

Cyber: Evaluate remote network security measures, including firewalls, intrusion detection/prevention systems, and VPNs.

Image
Vulnerability Management

Physical: Identify and exploit physical vulnerabilities to test the organization’s vulnerability management processes.

Cyber: Conduct vulnerability assessments and exploit remote vulnerabilities to assess the organization’s response.

CONTACT US