The percentage of threats that go undetected by traditional, automated cyber security tools (AV, NGFW, SIEM, etc.)
This is the AVERAGE amount of time that an attacker dwells in a network until discovered (usually by an outside organization).
It all starts with a vulnerability assessment of the network. From desktops, to servers, to networking gear, we inspect it all. Either from the outside or from the inside, it is vital to fully understand every possible crack in the armor surrounding your sensitive data. The vulnerability assessment, or VA, is where we survey every single system in your network just like a hacker would. We identify all the weakness that could be possibly exploited, and if they are, it could bring your company to its knees.
The next phase of the security assessment is to take all the identified vulnerabilities and attempt to exploit them the same way a hacker would. This is the Penetration Test or Pen Test and it is where all those theoretical weaknesses get tested to see if there is way into the network. Each pen test is customized to meet the needs of the client. Whether white-box or black-box, internal or external, wireless or wired…we even perform social engineering tests to see if we can ethically hack into your organization.
APT and Zero-Day Detection
Attackers often dwell inside an organization’s network for months, sometimes years, before being detected. Despite significant investment in security controls and monitoring technologies, malware continues to evade and breach these defenses, gaining a foothold into targeted organizations. In fact, these attacks are becoming increasingly sophisticated and it is estimated that 44% of threats are completely invisible to traditional, automated security solutions. That’s about to change. CyberHunter Solutions Pen Test 2.0 has built-in threat hunting that works to identify Advanced Persistent Threats (APTs) and Zero-Day malware that has already breached the network. Get the world’s most advanced pen test with CyberHunter.
Test Evidence and Reporting
The following flavors of testing and reporting are available from CyberHunter:
- Technical Detailed Report
- Executive Briefing
- Remediation Report
- MS Patch Reports
- PCI Compliance
- ISO 27001/2
- Center for Internet Security (CIS)
- US DoD STIG
- NIST CVE
- SANS Policy
CyberHunter can audit network devices as well: Cisco, Juniper, Palo Alto, HP ProCurve, Fortinet, Check Point, WatchGuard, Foundry and many others.Learn More
What is "Pen Testing"?
Malware will get in.
No matter who or where your company is located. No matter how many layers of security you have. You WILL be breached.
Security teams should NEVER trust an endpoint or server until it can be PROVEN to be trusted.