MAD Cyber Security Assessments

Identify security weaknesses before attackers do.

When it comes to cyber security, what you don’t know can and will hurt you.

MAD Security identifies security weaknesses the same way an attacker would — by compromising them.  This enables you to better understand and ultimately minimize the cyber security risk associated with your business thereby making your organization stronger and more resilient to attacks.

Penetration Testing Methodology

Our penetration testing methodology, tools, and techniques are proven industry best practices and we based them on a synthesis of several industry and professional best practices and standards including:

  • The National Institute of Standards and Technology (NIST) Special Publication 800-115 Technical Guide to Information Security Testing and Assessment
  • ISECOM’s Open-Source Security Testing Methodology Manual (OSSTMM)
  • Information System Security Assessment Framework (ISSAF) from the OISSG
  • Penetration Testing Execution Standard (PTES)
  • The Open Web Application Security Project (OWASP) Testing Guide

Our Penetration Testing Services

External Penetration Testing

Simulates an external attacker to identify vulnerabilities for external, Internet facing systems and technologies.

Internal Penetration Testing

Simulates an attacker that has established persistent access to the internal network infrastructure.

Wireless Penetration Testing

Simulates an attacker that is attempting to compromise the environment through traditional wireless technologies.

Mobile Environment Penetration Testing

Simulates attacks within your mobile technology environment.

Web Application Penetration Testing

Simulates an attacker attempting to gain access to customer information, financial data, internal networks, and other sensitive and confidential data against your web application technologies and web services.

Application Penetration Testing

Simulates attacks against an application to compromise sensitive information, uncover software vulnerabilities, and circumvent application security controls.

Mobile Application Penetration Testing

Simulates attack areas such as storage protection, transport protection, authentication, authorization, session management, data validation, and error and exception handling within mobile applications.

VoIP and Telecom Penetration Testing

Simulates an attacker that is attempting to compromise the environment through insecurities found in the implementation of telecommunication technologies.

Social Engineering Penetration Testing

Simulates an attacker that is attempting to compromise the internal environment or technology through persuasion and manipulation techniques.

Additional Security Assessment Services

Red Team Exercises

The performance of advanced persistent attacks against your organization to simulate adversarial type roles defined by your business.

Security Gap Assessments

Compares your organization’s current security posture to the top 20 Critical Security Controls and measurements.

Incident Response Assessments

Simulates real world attacks and scenarios to evaluate the effectiveness of the incident response team and your incident procedures.

Security Product and Technology Assessments

Tests and evaluates the effectiveness of security products, solutions, and implementations in their current configurations within your environment.

Security Operations Assessments

Simulates real world attacks and scenarios to evaluate the overall effectiveness of your security operations whether it is performed internally by your personnel, or externally by a managed service provider.

Vulnerability Assessments and Scanning

Automated vulnerability scanning that can be performed against an organization at whatever interval is requested by the customer.

Cloud Security Assessments

Designed to help your organization navigate through the unique security responsibilities associated with operating in today’s public cloud environments.