Penetration Testing
Getting Inside the Mind of a Hacker
Meaningful, actionable insights that help improve your cybersecurity posture require more than pass/fail scans – they require resources and time often only available with the help of third-party resources.
Expanding Network Perimeter
Today’s perimeter extends across cloud, wireless, Bring your own device, and remote work, presenting a wide attack surface that can be exploited.
Mimicking Adversaries
Cybersecurity adversaries evolve constantly, and so should your testing approach, replicating the real-world threats that matter most.
Exposing the Kill Chain
Do more than find vulnerabilities. Actionable insight, targeted defense and improved detection start by exposing the kill chain.
Hands on. Target Locked.
Finding vulnerabilities goes beyond an asset inventory. Knowing what attackers can do once they achieve a foothold helps create a plan that enables pragmatic, proactive improvements that mitigate organizational risk.
- Goal-based and focused on your most pressing security concerns
- Hands-on tests, replicating internal Advanced Persistent Threat (APT) or Nation State
- Narrative reports and executive-level summaries to provide relevant information to technical and non-technical audiences
Our Penetration Testing Services
Secureworks provides a comprehensive portfolio of penetration testing services to help you identify gaps and weaknesses before the threat actor does – no matter the source of the attack.
External Penetration Testing
Attackers have many tricks up their sleeves to determine if your perimeter defenses stand up to attempts to breach.
- Show impact with manual testing that mimics current threats, including pivoting, post-exploitation and data compromise
- Uncover if your environment can stand up to threat actors with proprietary tooling and creative adversarial experts
- Expand your understanding of the risk you face beyond a pass/fail with severity-ranked risk and recommendations
Internal Penetration Testing
The attackers’ work continues once inside. Assess layered defenses and know how quickly an internal threat could compromise your entire system based on different threat models.
- Test internal security controls, firewall rules and more that limit user access
- Advance your penetration testing approach with an added dimension to know how quickly an internal threat could compromise your entire system
- Find insider threat risks and provide insights that enable IT teams to make smarter security choices
Wireless Penetration Testing
Wireless networks are an often-overlooked part of testing. A wireless penetration test focuses on evaluating your wireless network security and how attackers may exploit it.
- Find out how your wireless connections expose internal networks you thought were segmented
- Identify ways an attacker could breach your wireless network and its clients or find a pathway to the internal network
- Go beyond the assessment of applicable compliance mandates with a security-first approach to testing
Read the Blog
Office 365 Multi-factor Authentication (MFA) BypassPhysical Testing
Adversaries will try any means to get in – so don’t neglect your physical security controls. Secureworks provides physical testing to provide a comprehensive view of your risks.
- Test your employees’ resiliency to social engineering and physical attacks, including tailgating and badge cloning
- Test building security controls with a threat actor mindset, including lock-picking, badge reader manipulation and other control blind spots
- Customizable goals and rules of engagement based on organizational needs and desires
Specialized & Custom Work
Secureworks leverages the vast expertise and specializations of the team to offer custom testing across devices, systems, software or threat models.
- Hardware; including IoT, OT, Embedded Devices, firmware, medical devices and robots
- Vehicle Systems Testing (Automotive, CANBUS, autonomous vessels, aircrafts)
- Custom networking protocols
Custom Adversarial Engagements
If It Can Be Attacked by an Adversary – We Can Hack It for You FirstCommon Threat Scenarios
Leveraging our goal-based testing methodologies and specialized application security expertise, combined with access to real-world threat research, the Secureworks Adversary Group can help you answer your modern-day offensive security questions.
Remote Access Vulnerability Assessment
Did the move to remote work create new, exploitable vulnerabilities in your environment?
Ransomware Attack Simulation
Could we defend against a threat actor attempting to deploy ransomware before it’s too late?
Lost or Stolen Laptop
Wonder what would happen if someone gets a hold of/steals a laptop?
Cloud Penetration Testing
Have our defenses kept up with increasing cloud adoption?
Insider Threat
Concerned about what an internal user or vendor may be able to access?
Adversary Group
The Secureworks Counter Threat Unit’s™ Adversary Group is a dedicated group of seasoned testing experts helping you challenge assumptions about your security and battle-test your defenses to gain assurance and better prepare for the fight.
Dedicated Testing Expertise
Adversarial security tests are delivered by world-class, highly certified and seasoned testing experts – testing is all they do. They are 100% focused on delivering offensive security testing – nothing else.
Passion for the Offense
Our testers are passionate about security and are continuously honing their skills through training (including pursuing the latest Offensive Security certification), knowledge exchange with their peers, and exercising those skills (and winning) at the world’s largest Capture the Flag (CTF) events.
Powered by CTU Intelligence
The Secureworks CTU™ collects and analyzes offensive and defensive intelligence, from thousands of adversarial and response engagements every year. Our testers combine their years of hands-on experience with that latest threat intel to drive unrelenting creativity and ingenuity into every test.