Our Approach To Penetration Testing
Every business need is different - that's why we take the time to learn your requirements.
Targeted Assessment
We focus on areas of greatest risk by identifying your “crown jewels” to keep sensitive data protected and to prevent compromises.
Certified Assessors
PurpleSec’s team is composed of certified, U.S.-based cybersecurity professionals holding OSCP, OSWE, OSWP, OSCE, and more.
Client-Centric
From start to finish you’ll have a dedicated point of contact that’s invested in achieving your business and security goals.
Our Penetration Testing Capabilities
Our experts provide point-in-time assessments of:
Internal Network Penetration Testing
Internal network penetration testing uncovers vulnerabilities in configurations and encryption, targeting unauthorized access to defend against privilege escalation, eavesdropping, and MITM attacks.
External Network Penetration Testing
External network penetration testing explores assets for flaws, focusing on threats like phishing and security perimeters to defend against data breaches, unauthorized access, and DDoS attacks.
Web Application Penetration Testing
Web app penetration testing reveals SQL injections, misconfigurations, and data exposure, targeting weaknesses to defend against credential stuffing, phishing, and session hijacking.
Social Engineering Penetration Testing
Social engineering penetration testing simulates tactics like phishing and pretexting, probing for human vulnerability to safeguard against information leaks, unauthorized access, and fraud.
Wireless Penetration Testing
Wireless penetration testing evaluates WiFi network security, focusing on identifying vulnerabilities in network protocols and device configurations to defend against unauthorized access.
Red Teaming & Table Top Exercises
Red teaming simulates an attack, including strategy and tactics. Table Top Exercises simulate an organization’s response to a security incident, ensuring a thorough evaluation of your security.
How Our Penetration Testing Services Work
Our assessors come equipped with the latest technologies and techniques.
We send an onsite device or an agent for network tests or request access to the application.
We use MITRE’s ATT&CK framework and the OWASP Top 10 to simulate typical attacks.
A certified offensive security expert provides immediate and actionable results.
We deliver the report and schedule a review call with your team and the assessor.
“We’ve partnered with PurpleSec to cover our clients’ penetration testing needs and couldn’t be happier! From proposal to service delivery, the PurpleSec team does a fantastic job at communicating and providing a high level of detail in their work.”
– Kyle McNaney, CTO
R3 IT
Penetration Testing Services Phases
Our penetration testing methodology runs through 7 key phases:
1. Planning
The first stage involves defining the scope and goals of a test, including the systems to be addressed and the testing methods to be used. Our testing team works in conjunction with engineering teams, system owners, and the client’s security team to establish the scope of our test.
2. Reconnaissance
The next step is gathering intelligence (e.g., network and domain names, mail server) to better understand how a target works and its potential vulnerabilities. While we hope the asset inventory is 100% accurate, we know that this is rarely the case. This step involves Nmap scans and OSINT to locate assets not supplied in the discovery call request.
3. Scanning
The next step is to understand how the target will respond to various intrusion attempts. This step can involve automated, manual, and security functionality testing depending on the scope of the assessment. In general, automated scans will be performed first as results from these can help expose areas that need more manual testing.
4. Gaining Access
PurpleSec will review the identified vulnerabilities and misconfigurations. This validation is performed through targeted penetration testing that focuses on high-risk findings. Exploitation of these findings often yields access to critical systems and sensitive information vital to operations.
5. Maintaining Access
The goal of this stage is to see if the vulnerability can be used to achieve a persistent presence in the exploited system, long enough for a bad actor to gain in-depth access. The idea is to imitate advanced persistent threats, which often remain in a system for months to steal an organization’s most sensitive data.
6. Analysis
The analysis phase is where all findings are analyzed for validity and assigned a risk rating. The risk rating is based on a few factors, such as the ease of the exploit, what kind of asset it is attributed to, and the potential outcome if exploited.
7. Reporting
In the final step, PurpleSec combines all findings into a report that can be understood by both technical and non-technical personnel. This report will be extremely detailed, with step-by-step instructions on how to recreate all the major findings and recommendations on how to remediate them.
Why Choose PurpleSec's Penetration Testing Services?
At PurpleSec, our offensive security experts will establish a framework to proactively identify and classify vulnerabilities in applications or an IT infrastructure to reduce risk.
This approach ensures that we prioritize work on the areas of greatest risk by identifying the strengths and weaknesses of your penetration testing program, thereby maximizing the ROI of your security initiatives.
End-To-End Project Management
Get actionable results within 4 weeks of a signed contract and immediate insights on critical vulnerabilities.
Penetration Testing Services Deliverables
Analysis and reporting delivered by an offensive security certified professional.
Reconnaissance
PurpleSec autonomously maps the organization’s attack surface.
Scanning
PurpleSec runs a vulnerability assessment to understand risk.
Credentials
PurpleSec challenges collected organizational credentials.
Endpoint Resiliency
PurpleSec challenges endpoint devices with safe malware replicas.
Lateral Movement
PurpleSec advances with post-exploitation steps to create a full attack chain.
Data Exfiltration
PurpleSec validates the data leakage protection system and C2 ports.
Remediation
PurpleSec prioritizes remediation based on the importance of each root-cause vulnerability.
Frequently Asked Questions
Why do you need a penetration test?
Performing a penetration test is the only way to know how effective your existing security measures are at defending against an attacker.
Cybersecurity risks are increasing with unparalleled speed, frequency, and sophistication. As organizations adopt more technology to streamline operations and achieve their goals, the risk of being a victim of a cyber attack grows exponentially.
To overcome these threats, organizations must perform continuous risk management and strive to improve their cybersecurity posture. Thirty years of history have shown that cyber risk is difficult to understand, problematic to hedge, only likely to increase, and characterized by a continually changing threat environment.
A penetration test is a real-world scenario that simulates the actions a threat actor would take to compromise your systems for malicious purposes.
What's the difference between penetration testing and vulnerability scanning?
Vulnerability scanning identifies known vulnerabilities, lack of security controls, and common misconfigurations within systems on a network.
Penetration testing simulates an attack to exploit weaknesses to prove the effectiveness of your network’s security.
The main difference is that vulnerability scanning is used for both defensive and offensive cybersecurity strategies while penetration testing is offensive in nature.
Many providers will sell their services as a penetration test, but attempt to pass off a vulnerability scan as one. This is also known as a "smoke test."
With PurpleSec, you get a dedicated point of contact and a certified assessor. This approach provides a more thorough assessment of your security defenses.
What are the types of penetration testing?
The different types of penetration tests include:
- Network: Tests the security of network infrastructure components like servers, workstations, printers, firewalls, and routers. Testers might use port scanning and vulnerability scanning, and attempt to exploit known vulnerabilities in network protocols or services.
- Web Application: Examines vulnerabilities in web-based applications and their components. This could involve attempting SQL injection, cross-site scripting (XSS), or testing for insecure direct object references.
- Client-Side: Focuses on identifying weaknesses in client-side applications like email clients, web browsers, and office suites. Testers might craft malicious files or web pages to exploit vulnerabilities in these applications.
- Wireless: Assesses the security of wireless networks and connected devices. Testing could include attempting to crack WiFi passwords, setting up rogue access points, or intercepting wireless traffic.
- Social Engineering: Simulates attempts to manipulate or trick users into revealing sensitive information. This might involve sending phishing emails, making vishing (voice phishing) calls, or attempting to gain physical access through impersonation.
- Physical: Tests the effectiveness of physical security measures to protect infrastructure, buildings, and systems. Testers might attempt to bypass locks, tailgate employees, or access restricted areas without proper authorization.
- Firewall: Specifically examines firewall configurations and attempts to bypass them. This could involve probing for misconfigured rules, attempting to exploit known vulnerabilities in firewall software, or finding ways to tunnel traffic through allowed ports.
What method of penetration testing do I need?
There are several approaches to penetration testing, each with its own advantages and use cases. The choice between white box, black box, or gray box testing depends on your organization's specific security needs and goals.
White Box Penetration Testing
White box penetration testing, also known as clear box or transparent box testing, provides the tester with full access and complete knowledge of the target system. This includes source code, credentials, documentation, and multiple account roles.
White box testing is ideal when you want to:
- Evaluate your application security in-depth.
- Test from a developer's perspective.
- Uncover vulnerabilities in the logic flow of an application.
- Assess critical systems like banking applications.
- Perform thorough testing at an early stage of development.
Black Box Penetration Testing
Black box penetration testing simulates a real-world attack scenario where the tester has no prior knowledge of the system. The assessor is given only the target URL and mimics the behavior of an external attacker.
Black box testing is suitable when you want to:
- Evaluate your security posture from an outsider's perspective.
- Test your application, infrastructure, or network in a scenario closest to a real-life attack.
- Assess smaller scopes or specific components.
- Conduct a cost-effective security assessment.
Gray Box Penetration Testing
Gray box penetration testing falls between white box and black box approaches. The tester has partial knowledge of the system, such as basic architectural information or limited access credentials.
Gray box testing is appropriate when you want to:
- Balance the depth of white box testing with the real