Penetration Testing

RedRock has been performing Network Penetration Testing for years. Our team is experienced with both the tools and techniques used by individuals and organizations that commonly compromise networks and networked systems to obtain access to confidential data and critical resources.

Our Pen Test results include complete details on the systems and networks identified, exploitation results and both tactical and strategic recommendations.

External Network Penetration Testing

A primarily manual process after reconnaissance. Attack scenario methodology is to work from a general to more specific vector. Identify high-level components, scan and verify. If optioned by the client, we will attempt to gain device or system access.

Internal Network Penetration Testing

Complacency typically results in dozens of critical vulnerabilities per device on corporate LANs, subsequently resulting in the greatest corporate IT security risk. Not risk from an intentional internal bad actor, but risk from a user inadvertently infecting a workstation by visiting a compromised website or opening a malicious email.

RedRock will work with you to structure an Internal Network Penetration Test to optimize the value of the test in getting you the information you need to ensure systems are adequately protected. We can focus on high-value IT resources and provide detailed analysis of threats and ways to mitigate the threats.

Our proprietary, repeatable process ensures that year-over-year testing will be standardized and consistent so improvements are readily visible in the results.

RedRock offers testing in the following areas:

  • External facing systems such as web servers, firewalls and routers
  • Internal systems including servers, workstations, switches, routers and print servers
  • Wireless penetration testing
  • Weaknesses in network services such as DHCP and DNS