Penetration Testing and Vulnerability Assessments

Penetration testing and vulnerability assessments play an important role in identifying network vulnerabilities that could be exploited by a hacker and lead to a breach. ACA Aponix® can help your company reduce the chance of a breach.

HOW ACA CAN HELP

 

ACA Aponix provides penetration testing and vulnerability assessment services that can help your company reduce the risk of the significant financial, operational, and reputational losses that can result from a breach. Upon completion of our assessment, we will provide a detailed report with key findings, vulnerabilities, and remediation techniques to enhance your company’s security and regulatory posture.

WHY WORK WITH US?

 

Our U.S.-based penetration testing team includes cybersecurity professionals with the following certifications:

  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (CEH)
  • Certified Penetration Testing Consultant (CPTC)
  • GIAC Penetration Tester (GPEN)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Essentials Certification (GSEC)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Web Application Penetration Tester (GWAPT)

CORE TESTING SERVICES

Vulnerability Scanning

We perform an automated scan of your environment that detects vulnerabilities that could potentially be used by an attacker to exploit your network.

External Penetration Testing

We will use controlled real-world attack vectors to exploit the vulnerabilities found on your network and identify key weaknesses that could lead to a cyber-attack.

Internal Penetration Testing

Our credentialed ethical hackers will identify vulnerabilities in your network and attempt to exploit them to see how far a potential attacker could go and what sensitive information could be compromised.

Web Application
Testing

We will assess the security of your software applications in accordance with the top 10 OWASP (Open Web Application Security Project) application security risks, as well as identify vulnerabilities that could lead to a breach.

INTERNAL AND EXTERNAL TESTING OPTIONS

 

We offer three levels of testing designed to identify vulnerabilities in your network within a set of parameters defined by your company.

Black Box Test

Black Box Test

Limited knowledge is provided about network prior to testing.

White Box Test

White Box Test

Full disclosure of application or network information prior to testing.

Gray Box Test

Gray Box Test

Combination of black and white box tests (i.e., credentials may or may not be provided).

ADDITIONAL TESTING SERVICES

Physical Office
Security Penetration

This test assesses the strength of the physical security controls in your data center, offices, etc.

Wireless LAN
Testing

This test assesses whether your wireless local area network meets security and performance requirements.

Social Engineering

We use social manipulation techniques to identify the types of information that can be extracted by an attacker prior to an attack.

Microsoft® Office 365® External Access Testing

We validate conditional access policies and multi-factor protections in your Office 365 environment.

Want to learn more about our products and services?

 

Contact Us