top of page
bottom grid_edited_edited.png

Penetration Testing

Our expert team will test your system and simulate real-world threats, so that you may identify potential vulnerabilities, prioritize your resources and better protect your organization.

Our Testing Solutions

Unlike traditional Pentests, which use mostly automated tools, Relify Security’s Penetration Tests leverage our in-depth experience to manually probe and test your security controls just like real-world hackers.

​

Benefits

  • Tests your system, network, applications and more through the eyes of an adversary

  • Discovers weakness in your development and testing processes

  • Demonstrates security controls, justify security spending

​

Features

  • Full test of all external and internal security controls

  • Social Engineering

  • Detailed reports help you understand the impact of a security breach

External Pentest

During an external pentest, our team will simulate a hacker attempting to enter your network from outside your organization. We assess your security through interviews, vulnerability scans, and analysis that includes:

  • External scanning and reconnaissance

  • Exploiting OS and application vulnerabilities and misconfigurations

  • Exploiting Firewall vulnerabilities and misconfigurations

  • Exploiting Web site weakness in the Open Web Application Security Project (OWASP) Framework

  • Brute forcing attempts against authentication schemes

  • Exploiting external services (DNS, VPN, Mail, Terminal Services, Citrix)

  • Privilege escalation and authentication bypass attacks

Web App / API Pentest

  • Static application security testing (SAST)

  • Dynamic application security testing (DAST)

  • Manual application penetration testing

  • SQL and DOM Injection

  • Broken Authentication and Session Management

  • Cross-Site Scripting (XSS)

  • Insecure Direct Object References

  • Security Misconfiguration

  • Sensitive Data Exposure

  • Missing Function Level Access Control

  • Cross-Site Request Forgery (CSRF)

  • Using Components with Known Vulnerabilities

  • Unvalidated Redirects and Forwards

  • Social Engeneering

    •   Reconnaissance:

    • Open-source intelligence gathering (OSINT)

    • Analysis of available public information about the client organization

 

Internal Pentest

Our internal pentest simulates an attack on your network from a malicious insider or an attacker who has breached your perimeter.  We assess your security through interviews, vulnerability scans, and analysis that includes:

  • Internal scanning and reconnaissance

  • Exploiting OS and application vulnerabilities and misconfigurations

  • Exploiting Firewall vulnerabilities and misconfigurations

  • Exploiting Web site weakness in the Open Web Application Security Project (OWASP) Framework

  • Brute forcing attempts against authentication schemes

  • Exploiting internal services (DNS, VPN, Mail, Terminal Services, Citrix)

  • Privilege escalation and authentication bypass attacks

Vulnerability  Scanning

Critical vulnerabilities must be regularly detected, prioritized, and remedied in order to lower your risk and stop a data breach. Our internal and external vulnerability scans find possible areas of compromise on your network, weed out false positives and provide you with a detailed report prioritizing your areas of risk. Our goal is to help you establish a repeatable and reliable process for closing security gaps and avoiding data breaches.

​​

map [Converted]_edited_edited_edited.png

Why Choose Us?

Relify Security is focused on developing long-term relationships with our clients.  Our team of innovative security specialists is committed to providing you with critical, data-driven information to help you make educated security decisions for your organization.

bottom of page