Hurricane Labs

IT Security Professionals

Penetration Testing

Lead Image

Our approach to Penetration Testing generates productive outcomes. In order to gather the most accurate and in-depth results, we believe in testing to the fullest extent. And just how is this accomplished? By stepping into the mind of a hacker – thinking the way a real attacker would.

Hurricane Labs differs from most companies in that we test from the perspective of potential attackers. We do not rely on the typical scanning tools or generate automated reports. We use the same open tools and manual approaches you would expect from a skilled attacker. The difference is we are experts at helping you remediate potential vulnerabilities and exploits.

Our ability to customize tools for your business and our security expertise give us the edge to create reports that provide concise data, realistic examples on how to reproduce the problems, and most importantly, the information on how to correct the issues we’ve discovered. On top of all that, any scan data that is produced is still included in the rear-section report. We provide penetration testing AND analysis.

The penetration testing process will proceed upon your request. We will start when you give the okay, and we will cease when you need us to. The steps of a standard penetration test are as follows: discovery, scanning, attack, report, remediation, and retest.

Throughout all of these steps, you are updated with our progress. If at any point you have an issue, we are available 24/7, so you can give us a call and get answers. When the test is concluded, you are given the penetration report in a timely fashion, usually governed by the number of targets and amount of data found.

Hurricane Labs will also perform a security assessment on mobile applications. This test will assess vulnerabilities within the application, as well as the methods of communication. A complete forensic analysis will be performed to identify sensitive data stored on the device which may be accessible to third-party applications or outside users.

Discovery

Magnifying Glass
This is the first stage in our penetration test procedure.  It is a non-invasive scan of the network and hosts, where the object is simply information gathering. The web servers are spidered in order to avoid false positives and to keep from wasting resources.

Scanning

Penetration Testing: Scanning
Using various tools (including OPVD and Qualys) your network is scanned for obvious vulnerabilities. We compile all of the vulnerability and port scans in order to create a custom database of assets that can be reviewed by the penetration testers so that nothing is overlooked. This helps establish a point of reference and provides direction throughout the engagement.

Attack

Magnifying Glass
Working from the initial discoveries and scan results, we manually test for a multitude of issues and attempt a variety of exploits – just like a real attacker. All the major vulnerabilities are exploited to their fullest extent in order to provide a proof of concept and prove that the methodology used is accurate.

Clean Up

Clean Up
Once the penetration test is complete and all vulnerabilities have been documented, Hurricane Labs will clean up the system and put it back to the way it was found to maintain your professional environment.

Report

Penetration Testing: Report
Upon completion a report of our results is generated and available in your Customer Portal. In this document you’ll find: a list of vulnerabilities categorized into levels of severity, how the exploits were achieved, and suggestions on how to repair the issues.

Remediation

Penetration Testing: Remediation
Using the results from your unique Report, we work with you to establish the best possible procedures to eradicate as many vulnerabilities as possible.

Retest

Penetration Testing: Retest
We conduct a second test after the issues have been resolved. Having a second look at the scope helps ensure the proper fixes are in place.

Contact Us

Top