Our penetration testing services identify those areas of risk that could impact the confidentiality, integrity and availability of your sensitive information prior to a real attack. We offer penetration testing – also called ‘ethical hacking’ – as a standalone service as well as part of an overall IT security audit. In many cases the penetration testing is part of compliance with PCI, HIPAA, or other regulatory frameworks.
Our penetration tests are standards-based. They are closely tied to the fundamentals found in the Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES) and the Open Web Application Security Project (OWASP) Penetration Testing Guide.
The open method associated with OSSTMM builds on a foundation of truth, diminishing commercial gain and political agendas. PTES is an endeavor by a group of information security practitioners to develop a common language and scope for performing penetration testing. The core purpose of OWASP is to “be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.”
By combining the spirit of these three methodologies, we create a formidable program of work to serve you. You can rely on the Contextual Security penetration testing services to be thorough and comprehensive.
The goal of our engagement is to identify areas of risk that impact the security of your information. We provide a remediation plan tailored specifically to your organization’s needs for security and compliance. We often learn from new clients’ past experiences that plans were recommended, but execution was never a part of the plan. Why plan if you’re not going to execute? Contextual Security will give you the plan and help you to follow it to secure your company’s future.