Penetration Testing

Whether you have a compliance requirement, or want to understand what a skilled hacker targeting your environment could accomplish, IntrusionOps is passionate about breaking into networks and applications.

Services We Offer

Type of Penetration Test Description
Network External or internal network testing to exploit vulnerabilities and guide you through remediation.
Application We hack web applications, thick clients, APIs, and serverless environments. We have software development experience and understand SDLC, allowing us to do point-in-time penetration tests, or become a part of your release cycle.
Mobile We perform both static and dynamic analysis of mobile applications and test the associated API endpoints for vulnerabilities.
Social Engineering We can impersonate parties to entice users to provide credentials, or attempt code execution on endpoints via spear-phishing. Other phishing techniques such as OAuth, MiTM, SMS, or phone call based social engineering are available.
Wireless We ship you a device and target your wireless networks remotely. We can test employee WiFi access, validate segmentation between employee and guest WiFi, and attempt to coerce staff into providing WPA enterprise credentials.
Corporate security control validation Testing company Windows, OSX, or Linux builds for exploitability. Test WAF effectiveness. Test EDR deployments. Test remote access solutions such as VDI or Citrix.

Why IntrusionOps

Privately held. We have the freedom to focus on our clients and their best security interests. Unlike publicly traded companies, venture capital or private equity backed companies, we’re solely focused on security and not financial engineering, mergers, and acquisitions. Security is the only business we’re in, and our staffing, leadership, and focus reflect that.

Not all penetration testing firms are created equal. Many companies have penetration testing as an add-on service and not as a core competency. Others mass produce penetration tests, producing quantity at rates where quality is unsustainable. Some firms have a few great hackers, but the “A Team” may not be staffed on your projects. IntrusionOps leadership has been in the pentesting business since the industry’s inception, and learned from years of experience and companies, what is and is not in a customer’s best interest. Simply said, the security industry is rife with snake-oil. We are not the only company that excels at hacking, but its a short list and we’re on it. If we’re not the right fit for you we can recommend other highly qualified companies.

Senior penetration testers are staffed on every project. Just because your external network penetration test scope may only be five IPs, you won’t get an inexperienced hacker. All of our penetration testers are senior, have discovered 0days, have written exploits, and have years experience hacking corporate and startup environments.

Experienced discretion in our reporting. The value of our work isn’t measured by the number of pages in our reports, but by the identification of issues that attackers could exploit against your company. Don’t expect to see your automated vulnerability scanner results re-branded. We report on items that, based on our experience, are worthy of your team’s time to address and we’ll provide you with context so you can form your own verdict. We have been responsible for fixes and are mindful to not cry wolf.

We’re liberal with our scope. In-depth OSINT and recon isn’t an add-on but is necessary for a high-quality penetration test. Password spraying is included with all our external network penetration tests unless you opt-out.

We don’t shill products. We do not re-sell security products or benefit from you buying them. Whenever reasonably possible, we recommend native hardening over buying security tools. We understand Linux, OSX, Windows, cloud, SaaS and various directory services and how to harden them.

We keep detailed logs of our work. We use osquery to log all our activity with timestamps so we can attest that activities are our own, and give you timestamps to cross-reference your detections. We will provide you with all the raw results from various tools we use during the engagement.

Outcome minded. Our goal is for our penetration tests to make our clients substantially more difficult to breach, and to enhance clients' visibility and detection of real-world attacks.

Engaged. We don’t use middlemen. Our customers have direct access to our hackers during each project and long-term access via email afterwards for any remediation support. We regularly communicate so you’re not wondering what the project status is, and whether something you detected is friendly fire or should be treated as an incident.

Come as you are. We’ve got clients that should be in the hardening hall of fame, and others who are just embarking on their security journey. We’ll help you validate your hardening, or begin to establish your defenses.

Diversity of experience. Whether you are cloud-native, have on-prem Active Directory servers, hybrid, write your own APIs, are serverless, or even use exotic OSes like z/OS, AIX, DGUX, Solaris, or AS/400, we’ve got you covered.