Automated Penetration Testing
PenTest helps organizations solve an on-going challenge of meeting compliance, achieving security best practices, and researching multiple vendors to compare numerous factors to meet their needs.
What is Automated Penetration Testing?
PenTest is an automated network penetration testing platform that combines the knowledge, methodology, processes, and toolsets of a hacker into a single, deployable SaaS platform for organizations of all sizes. PenTest allows organizations to perform a penetration test within their environment at any given time, satisfying both compliance requirements as well as meeting security best practices. This platform is maintained solely by Audcomp and is based on a framework that continuously improves over time.
Traditionally, organizations have to face several challenges when seeking a penetration test, including availability, experience and background, as well as low quality deliverables that fail to effectively communicate the critical issues and remediation strategies that organizations need to adhere to in order to reduce their overall cyber risk. Through several years of experience, certifications, industry contributions including numerous tools, PenTest solves a critical need for organizations in an ever-changing threat landscape.
Our Automated Penetration Test Methodology
Our platform is maintained by Audcomp and is based on a framework that continuously improves over time.
Egress Filtering Testing
Automatically perform egress filtering to ensure that your organization is effectively restricting unnecessary outbound traffic. Unrestricted outbound access can allow a malicious actor to exfiltrate data from your organization’s environment using traditional methods and unmonitored ports.
Authentication Attacks
Upon the discovery of user account credentials, PenTest will automatically attempt to validate those credentials and determine where they are most useful. This is a common process executed by both malicious attackers and penetration testers and is performed during privilege escalation.
Priviledge Escalation and Lateral Movement
Using a valid set of credentials, PenTest will attempt to identify valuable areas within your organization. This is conducted through a variety of methods, including the use of Audcomp’s Leprechaun tool which assists in identifying where sensitive targets are.
Data Filtration
Critical data leaving your organization is an extremely serious concern. If access to confidential and/or sensitive data can be attained, PenTest will simulate and log this activity to help your organization tighten areas that should restrict data exfiltration.
Simulated Malware
With elevated access, PenTest will attempt to upload malicious code onto remote systems in an attempt to test the organization’s end-point anti-malware controls.
Timely Reporting
PenTest generates an executive summary, technical and vulnerability report within 48 hours after the penetration test is complete. Audcomp’s Pen Testing service provides 4 PenTests per year with quarterly reporting and reviews. Our detailed deliverables will allow your network staff to cross reference our activities with monitoring and alerting controls.
Get Started
For more information, send us a message!