Penetration Testing

Complex Challenges

Organizations today often depend on multiple types of networks including wireless, Ethernet, and Wide Area Networks (WANs). Every additional layer adds complexity and potential security weaknesses. Active third party testing by Aerstone can help identify security gaps in your internal and external network infrastructure. A security breach can cause irreparable damage to your reputation, loss of business, and incur costly financial penalties. Aerstone can design customized solutions for your environment to prevent these breaches from occurring.

Proactive Security

Aerstone’s pentesting services are customized and tailored to meet your needs, working with you to define the scope and intensity of the testing. Business and technical experts are assigned to each engagement. This combination provides a unique view of business risks stemming from technical vulnerabilities. Experts review vulnerabilities and assist you in determining the appropriate countermeasures specific to your business environment. Our transparent testing methodology also helps alleviate fears about the testing process; and plain English explanations help non-technical managers feel comfortable with the issues at hand. More than just a “hacker’s eye view,” the Aerstone test team has conducted hundreds of penetration testing engagements in all kinds of environments, and under many different conditions. Aerstone offers full assessments and periodic “check-ups” to identify changes, evaluate new network systems, and profile emerging threats. Unlike our competitors, Aerstone maps its technical assessments to industry standards, including National Institute of Standards and Technology controls, Payment Card Industry controls, and others, ensuring that both your technologists and executives completely understand the vulnerability and risk.

Expert Guidance

The Aerstone Test Team is composed of a mix of expertise and experience in IT security, all dedicated to security assessment projects and engagements. Team members maintain industry certifications in security including CISSP, C|EH, OSCP, GPEN, and GCFE, and undergo annual training to stay current with the latest tools and techniques employed by security professionals. Aerstone is committed to bringing the highest quality assessments and training to our customers, helping your organization avoid being a victim of application attacks now and in the future.

Advanced Tools and Techniques

Aerstone’s team of certified penetration testers uses a combination of commercial, open source, and proprietary tools. These include a proprietary collaborative testing platform for data aggregation (“FUSE”), and custom payloads designed to exploit system vulnerabilities. Aerstone penetration testing goes far beyond what automated tools can discover. Our techniques are specifically engineered to escalate our access to applications, systems, and networks, just as a malicious hacker would — constrained of course by the Rules of Engagement put in place prior to testing. We take pride in looking where others don’t, and our engagements often uncover vulnerabilities not found in previous tests. We ultimately provide recommendations and step-by-step exploit instructions, to ensure all vulnerabilities are addressed and technical gaps are closed.

Aerstrike™

Aerstone has developed a customized dual-homed VPN-enabled pentesting device, which comes loaded with our full suite of penetration testing software. This device, which may be deployed to a customer’s network to support remote testing engagements, allows Aerstone’s testers to securely test your network without having to be physically present on-site. AerStrike™ supports both on-device and network pass-through testing, as well as both wired and wireless connectivity.

For more information click here, or download the product sheet.