Penetration Testing

Pratum’s penetration testing service is a proactive approach to discovering exploitable vulnerabilities in your web applications, computer systems, and networks. We go beyond automated scanning to conduct manual testing and complex security exploitation.

Penetration testers viewing test results on computer

Why Pratum's Penetration Testing Service?

Our Scoping Process

We help you plan a penetration test that meets your goals, ensuring that you get the most from your investment.

Our Human-Centered Approach

Just like real hackers, our pen testers use unpredictable methods that a vulnerability scan can't simulate.

Our Actionable Reports

We'll describe what each vulnerability means in your specific environment so you can make effective remediations.

Our Methodology

1 Penetration Testing Methodology Scoping and Pre-Engagement Define success criteria set, ground rules 2 Reconnaissance & Vulnerability Assessment information gathering and discovery, Device and OS enumeration, Port scanning and Network sniffing, vulnerability scanning, social engineering 3 Exploitation vulnerability verification, pivoting through system, elimination of false positives and false negatives 4 Organizing Findings analyze and consolidate findings, categorize findings according to standard such as OWASP Top 10 5 Reporting executive summary, technical report, recommended remediations 6 Validating return to confirm IT team's remediations eliminated risks
Penetration Testing Client Greg Price, CSO/CTO of Troy University

It was not a boilerplate, templated report that anyone could’ve produced. It was very insightful. The tools were not off the shelf, and Pratum used some very clever approaches just like the real bad guys do.

Greg Price CSO/CTO - Troy University

Providing Insight Into an Attacker's Mind

Pratum's team performs penetration testing remotely or on-site as needed. Our full range of services ensures that you have visibility to potential gaps throughout your environment.

Web Application Penetration Testing

Web applications provide an integral business function for many organizations, but they can also introduce risk. The apps often process and/or store sensitive information including credit cards, personal identifiable information (PII), and proprietary data. Pratum's web application penetration testers seek to obtain unauthorized access into web apps to gather sensitive information. This provides visibility into the risks associated with application vulnerabilities.

Network and Infrastructure Penetration Testing

Infrastructure penetration testing identifies security weaknesses in your network, as well as the devices within the network. Our testers identify flaws such as outdated software, missing patches, improper security configurations, weak communication algorithms, command injection, etc. Infrastructure penetration tests often include the testing of firewalls, switches, virtual and physical servers, and workstations.

Wireless Penetration Testing

Your wireless network may be susceptible to exterior signal bleeding. Pratum's wireless pen testing services focus on the discovery of wireless access points, attempting to enumerate weaknesses in the wireless infrastructure. After gaining access to the wireless network, Pratum’s penetration testers attempt to exploit weaknesses in your network to gain access to privileged areas and demonstrate the potential impact of a wireless network breach.

Social Engineering Services

Social engineering uses pretexting phone calls, email phishing tests, dumpster diving, and facility access to truly assess an organization’s security training and awareness practices. Pratum establishes the baseline security posture and makes recommendations for modifying and developing stronger policies and procedures.

Training: Security Awareness

  • Educating on security threats
  • Preparing employees to react
  • Strengthening security posture

Training: Security Practices

  • Validating security training efforts
  • Identifying strengths and growth opportunities
  • Providing insight for further training
Penetration Testing Client Blake Brown, Director, Information Technology of Baker Group

I thought they were just going to give us test results. But Pratum included what we needed to do to resolve the problems. That helped tremendously. I didn’t have to go do all my own research.

Blake Brown Director, Information Technology - Baker Group

Penetration Testing Additional Resources

Infographic: Penetration Testing Explained
While most people picture pen testing as someone cracking lines of code, the process entails far more than that. Here’s an overview of a pen test from initial scoping to final reporting. Read More
Internal Penetration Testing vs External Penetration Testing: Why You Need Both
Attacks can come from any direction, so your testing has to probe for weaknesses that come from outside and inside your environment. Read More
Higher Education Case Study: Troy University
This major university knows that cybersecurity never rests, so they asked Pratum’s penetration testers to prepare them for the toughest attacks that determined hackers may dream up. Read More

Interested in pen testing services?

Request a complimentary quote today.

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.