Penetration testing and security assessments test and improve the security of your organization by pinpointing crucial weaknesses and vulnerabilities within your network. Our security assessments focus on identifying and remediating weaknesses in companies’ network devices, web and mobile applications, source code and physical security. Following a technical security assessment, your organization is able to strengthen its defenses and reduce the risk of a severe data breach.
As malicious attackers grow in number and become more advanced, your company needs a team with the methodology and experience to match. Our Attack and Penetration Testing Team has performed thousands of penetration tests for some of the largest and most complex companies in the world. Their experience is bolstered by top industry certifications. In fact, Focal Point has more than 20 Certified Information Systems Security Professionals (CISSPs) on its security team, and many of our penetration testing team experts also hold the Offensive Security Certified Professional (OSCP) certification. By engaging Focal Point as your security team, you gain the experts you need to protect your organization from all malicious threats.
Having both an internal and external perspective of your networks, web and mobile applications and physical security is critical for maintaining a secure environment. Focal Point's security assessment services help you uncover hidden vulnerabilities and prioritize security risks, allowing you to make informed decisions to minimize risk and reduce your attack surface. Our security assessments use the same techniques and technologies as malicious attackers, providing a real-world test of your actual level of security.
Our assessments provide:
Our security assessment services include:
Using both automated and manual techniques, our team discovers vulnerabilities that pose varying levels of risk to the organization. In order to produce accurate results and measurable metrics, Focal Point follows the industry standard Open Source Security Testing Methodology Manual (OSSTMM).
Our team attempts to gain access to our your physical or logical infrastructures by using unknown (black box), partially known (gray box) or known (white box) methods. Each asset undergoes a comprehensive attack, and the results are evaluated and prioritized.
Our team tests your encryption and authentication technologies so you can protect the confidentiality of wireless transmissions and monitor and control unauthorized network access.
Using a hybrid approach of both automated and skilled manual analysis, our team does a comprehensive test of the enabled security controls meant to protect the application's exposed user interface.
Our team leverages a combination of leading automated source code scanning tools with seasoned security expertise to thoroughly assess the quality and security of virtually any existing code base.
Focal Point offers both physical and electronic social engineering to test the security awareness of your team members. Using email and phone phishing techniques, our team attempts to entice your staff to provide information or access to company resources that would normally require authorization. During a physical security assessment, our team evaluates the physical, electronic and human controls in place protecting the target location.