MAD Security Technical Testing

Identify security weaknesses before attackers do.

When it comes to cyber security, what you don’t know can and will hurt you.

MAD Security identifies security weaknesses the same way an attacker would — by compromising them.  This enables you to better understand and ultimately minimize the cyber security risks associated with your business thereby making your organization stronger and more resilient to attacks.

 

Penetration Testing Methodology

Our penetration testing methodology, tools, and techniques are proven industry best practices that are based on a synthesis of several industry and professional best practices and standards including:

  • The National Institute of Standards and Technology (NIST) Special Publication 800-115 Technical Guide to Information Security Testing and Assessment
  • ISECOM’s Open-Source Security Testing Methodology Manual (OSSTMM)
  • Information System Security Assessment Framework (ISSAF) from the OISSG
  • Penetration Testing Execution Standard (PTES)
  • The Open Web Application Security Project (OWASP) Testing Guide

Our Penetration Testing Services

External Penetration Testing

Simulates an external attacker to identify vulnerabilities for external, Internet-facing systems and technologies.

Internal Penetration Testing

Simulates an attacker that has established persistent access to the internal network infrastructure.

Wireless Penetration Testing

Simulates an attacker that is attempting to compromise the environment through traditional wireless technologies.

Mobile Environment Penetration Testing

Simulates attacks within your mobile technology environment.

Web Application Penetration Testing

Simulates an attacker attempting to gain access to customer information, financial data, internal networks, and other sensitive and confidential data against your web application technologies and web services.

Application Penetration Testing

Simulates attacks against an application to compromise sensitive information, uncover software vulnerabilities, and circumvent application security controls.

Mobile Application Penetration Testing

Simulates attack areas such as storage protection, transport protection, authentication, authorization, session management, data validation, and error and exception handling within mobile applications.

VoIP & Telecom Penetration Testing

Simulates an attacker that is attempting to compromise the environment through insecurities found in the implementation of telecommunication technologies.

Social Engineering Penetration Testing

Simulates an attacker that is attempting to compromise the internal environment or technology through persuasion and manipulation techniques.

Additional Security Assessment Services

The performance of advanced persistent attacks against your organization to simulate adversarial type roles defined by your business.

Security Gap Assessments

Compares your organization’s current security posture to the top 20 critical security controls and measurements.

Incident Response Assessments

Simulates real world attacks and scenarios to evaluate the effectiveness of the incident response team and your incident procedures.

Security Product & Technology Assessments

Tests and evaluates the effectiveness of security products, solutions, and implementations in their current configurations within your environment.

Security Operations Assessments

Simulates real world attacks and scenarios to evaluate the overall effectiveness of your effectiveness of your security operations whether it is performed internally by your personnel, or externally by a managed service provider.

Vulnerability Assessments & Scanning

Automated vulnerability scanning that can be performed against an organization at whatever interval is requested by the customer.

Cloud Security Assessments

Designed to help your organization navigate through the unique security responsibilities associated with operating in today’s public cloud environments.