Our Testing Solutions
Unlike traditional Pentests, which use mostly automated tools, Relify Security’s Penetration Tests leverage our in-depth experience to manually probe and test your security controls just like real-world hackers.
​
Benefits
-
Tests your system, network, applications and more through the eyes of an adversary
-
Discovers weakness in your development and testing processes
-
Demonstrates security controls, justify security spending
​
Features
-
Full test of all external and internal security controls
-
Social Engineering
-
Detailed reports help you understand the impact of a security breach
External Pentest
During an external pentest, our team will simulate a hacker attempting to enter your network from outside your organization. We assess your security through interviews, vulnerability scans, and analysis that includes:
-
External scanning and reconnaissance
-
Exploiting OS and application vulnerabilities and misconfigurations
-
Exploiting Firewall vulnerabilities and misconfigurations
-
Exploiting Web site weakness in the Open Web Application Security Project (OWASP) Framework
-
Brute forcing attempts against authentication schemes
-
Exploiting external services (DNS, VPN, Mail, Terminal Services, Citrix)
-
Privilege escalation and authentication bypass attacks
Web App / API Pentest
-
Static application security testing (SAST)
-
Dynamic application security testing (DAST)
-
Manual application penetration testing
-
SQL and DOM Injection
-
Broken Authentication and Session Management
-
Cross-Site Scripting (XSS)
-
Insecure Direct Object References
-
Security Misconfiguration
-
Sensitive Data Exposure
-
Missing Function Level Access Control
-
Cross-Site Request Forgery (CSRF)
-
Using Components with Known Vulnerabilities
-
Unvalidated Redirects and Forwards
-
Social Engeneering
-
Reconnaissance:
-
Open-source intelligence gathering (OSINT)
-
Analysis of available public information about the client organization
-
Internal Pentest
Our internal pentest simulates an attack on your network from a malicious insider or an attacker who has breached your perimeter. We assess your security through interviews, vulnerability scans, and analysis that includes:
-
Internal scanning and reconnaissance
-
Exploiting OS and application vulnerabilities and misconfigurations
-
Exploiting Firewall vulnerabilities and misconfigurations
-
Exploiting Web site weakness in the Open Web Application Security Project (OWASP) Framework
-
Brute forcing attempts against authentication schemes
-
Exploiting internal services (DNS, VPN, Mail, Terminal Services, Citrix)
-
Privilege escalation and authentication bypass attacks
Vulnerability Scanning
Critical vulnerabilities must be regularly detected, prioritized, and remedied in order to lower your risk and stop a data breach. Our internal and external vulnerability scans find possible areas of compromise on your network, weed out false positives and provide you with a detailed report prioritizing your areas of risk. Our goal is to help you establish a repeatable and reliable process for closing security gaps and avoiding data breaches.
​​
Why Choose Us?
Relify Security is focused on developing long-term relationships with our clients. Our team of innovative security specialists is committed to providing you with critical, data-driven information to help you make educated security decisions for your organization.