Due to the increasing demand for enhanced Cyber Security solutions, Kriston Technology has partnered with a leading provider in automated state-of-the-art penetration testing.
By utilising the automated penetration platform we are able to offer penetration testing utilising the same toolset as manual testing but at a fraction of the cost. Each test is reviewed by a certified industry expert, but the automation capabilities now makes the service affordable for SMB and mid-mid sized businesses.
Why does your Organisation need a Penetration Test?
Penetration tests allow organisations to assess their cyber security posture based on realistic attack scenarios, which enables them to address issues that would be overlooked if they followed a solely defensive approach.
Our Penetration Test Methodology
We combine multiple methodologies that were once manually conducted into an automated fashion to consistently provide maximum value to organisations.
Egress Filtering Testing
Automatically perform egress filtering to ensure that your organisation is effectively restricting unnecessary outbound traffic. Unrestricted outbound access can allow a malicious actor to exfiltrate data from your organisation’s environment using traditional methods and unmonitored ports.
Authentication Attacks
Upon the discovery of user account credentials, vPenTest will automatically attempt to validate those credentials and determine where they are most useful. This is a common process executed by both malicious attackers and penetration testers and is performed during privilege escalation.
Privilege Escalation & Lateral Movemet
Using a valid set of credentials, vPenTest will attempt to identify valuable areas within your organization. This is conducted through a variety of methods, including the use of Vonahi’s Leprechaun tool which assists in identifying where sensitive targets are.
Data Exfiltration
Critical data leaving your organisation is an extremely serious concern. If access to confidential and/or sensitive data can be attained, vPenTest will simulate and log this activity to help your organisation tighten areas that should restrict data exfiltration.
Simulated Malware
With elevated access, we will attempt to upload malicious code onto remote systems in an attempt to test the organisation’s end-point anti-malware controls.
Timely Reporting
We’ll generate an executive summary, technical and vulnerability report within 48 hours after the penetration test is complete. Our detailed deliverables will allow your network staff to cross reference our activities with monitoring and alerting controls.
Assessment Capabilites
We offer two different automated penetration testing services to guide your organization to a better security posture and program.
Internal Network Penetration Testing
Using a device connected to your internal environment, our consultants will discover security vulnerabilities present within the internal network environment. These activities simulate that of a malicious attacker.
External Network Penetration Testing
Assuming the role of a malicious attacker from the public Internet, our consultants will identify security flaws within your external network environment. These flaws can include patching, configuration, and authentication issues.
