MAD Cyber Security Assessments
Identify security weaknesses before attackers do.
When it comes to cyber security, what you don’t know can and will hurt you.
MAD Security identifies security weaknesses the same way an attacker would — by compromising them. This enables you to better understand and ultimately minimize the cyber security risk associated with your business thereby making your organization stronger and more resilient to attacks.
Penetration Testing Methodology
Our penetration testing methodology, tools, and techniques are proven industry best practices and we based them on a synthesis of several industry and professional best practices and standards including:
- The National Institute of Standards and Technology (NIST) Special Publication 800-115 Technical Guide to Information Security Testing and Assessment
- ISECOM’s Open-Source Security Testing Methodology Manual (OSSTMM)
- Information System Security Assessment Framework (ISSAF) from the OISSG
- Penetration Testing Execution Standard (PTES)
- The Open Web Application Security Project (OWASP) Testing Guide
Our Penetration Testing Services
External Penetration Testing
Simulates an external attacker to identify vulnerabilities for external, Internet facing systems and technologies.
Internal Penetration Testing
Simulates an attacker that has established persistent access to the internal network infrastructure.
Wireless Penetration Testing
Simulates an attacker that is attempting to compromise the environment through traditional wireless technologies.
Mobile Environment Penetration Testing
Simulates attacks within your mobile technology environment.
Web Application Penetration Testing
Simulates an attacker attempting to gain access to customer information, financial data, internal networks, and other sensitive and confidential data against your web application technologies and web services.
Application Penetration Testing
Simulates attacks against an application to compromise sensitive information, uncover software vulnerabilities, and circumvent application security controls.
Mobile Application Penetration Testing
Simulates attack areas such as storage protection, transport protection, authentication, authorization, session management, data validation, and error and exception handling within mobile applications.
VoIP and Telecom Penetration Testing
Simulates an attacker that is attempting to compromise the environment through insecurities found in the implementation of telecommunication technologies.
Social Engineering Penetration Testing
Simulates an attacker that is attempting to compromise the internal environment or technology through persuasion and manipulation techniques.
Additional Security Assessment Services
Red Team Exercises
The performance of advanced persistent attacks against your organization to simulate adversarial type roles defined by your business.
Security Gap Assessments
Compares your organization’s current security posture to the top 20 Critical Security Controls and measurements.
Incident Response Assessments
Simulates real world attacks and scenarios to evaluate the effectiveness of the incident response team and your incident procedures.
Security Product and Technology Assessments
Tests and evaluates the effectiveness of security products, solutions, and implementations in their current configurations within your environment.
Security Operations Assessments
Simulates real world attacks and scenarios to evaluate the overall effectiveness of your security operations whether it is performed internally by your personnel, or externally by a managed service provider.
Vulnerability Assessments and Scanning
Automated vulnerability scanning that can be performed against an organization at whatever interval is requested by the customer.
Cloud Security Assessments
Designed to help your organization navigate through the unique security responsibilities associated with operating in today’s public cloud environments.