A true penetration test is not performed by a scanner. It's performed by a human, who is trained in the art of hacking, studies how to think like a bad guy, and is able to securely perform such heinous acts at your request. Our methods are documented, measured, and repeatable. When it's all over, we'll show you how we did what we did, and we'll tell you how we'd fix it -- so the real bad guys can't do what we did anymore.
Please feel free to contact us to request an example of the Executive Report, to see redacted examples of Finding Reports, or to get a quote for your project. As a rule of thumb, we calculate the cost based on number of IPs (in groups of 32), number of web applications, and if the test is to be performed internally as well as externally.
It's well known that humans will always be the greatest security risk your network has. Attackers know the best way to get a toe-hold on the network is by getting your employees to either give them the right info over the phone, or by getting them to click the most innocent looking links. Our goal with Social Engineering Testing is two-fold. We want to make you, your management, and your employees aware of what to look for, and we want to help train them to know what to do when they see it happening.
We can do everything from USB drops in the parking lot or in the office, to a customized phishing or spearphishing campaign. Let us know what your concern is, and we'll address it. We'll work with you to test your staff, and then we can help train them. Hopefully they'll do better next time you have us test!
Secure Code Review
If you've got a website, security begins with the code. You can do all you can to establish a good development lifecycle and observe good change control. But it all comes back to the code. With decades of experience writing in a bevy of programming languages, we'll take a good, close look at the code and find where the security concerns are, long before they make it online.
Relax. It's ok. Yes, maybe you've got some rogue processes running in your servers, maybe you saw your private data on pastebin, or maybe your company is on the news. It happens. What's important is what you're going to do now. Let's get in there, find how they got in and plug that hole (or those holes). Then let's have some discussions about how you can prevent that from ever happening again. Need technology? We have some ideas. We might even have some connections. Need some training for your staff? For your C-level execs? We can do that too.
Physical Penetration Testing
Have you ever wondered what would happen if an attacker actually came to your office? What if they could get past the receptionist? What if they could sit at a workstation? What if they could get to the data closet? At what point will your employees realize something is wrong?
The best and safest way to know these things is to do it in a controlled situation. Let's define objectives, and then let our Adversarial Engineers achieve those objectives. When it's over, we'll sit down and tell you what we did, what resistance we found, and who saved the day and blew the whistle on us. We'll follow up with training for your staff to make them aware, able, and empowered to stop true attackers.
More and more these days the company is completely running on laptops, with no one plugged into the LAN at all. People don't talk much about BYOD anymore because EVERYONE is bringing their own devices, and connecting to the Wifi network. Wouldn't it be wise to make sure you're as secure as possible?
In a WiFi Test, we'll show you the entire map of your wireless footprint. We'll help you identify any rogue Access Points, and test the overall security of your wireless posture. We'll help you impliment methods to protect yourself against rogue Access Points.
We are a team of security profesisonals with backgrounds as Penetration Testers, Security Engineers, Auditors, Windows admins, Linux admins, web developers, forensic analysts, and general help-desk services. We have a unified goal of providing the best customer service, bar none. Not only will we get the job done, but we want to see you come back to us time and time again for all your security needs.
Our team members are certified in their areas of expertise, and we ensure that our certifications are up to date so you can be assured that we will protect you in the most ethical and professional ways possible.
Certifications On Board
The technological world today is a hostile and volatile environment. You want to do business, but you want to be secure. At Alliance Information Security we believe that everyone can be made more secure. We will work with you to identify all the key assets of your unique business, allowing you to make informed decisions about your security programs, and allowing us to help you secure what matters most. While we believe it's impossible to identify every last vulnerability, we know we can help you identify as many as are known today. We want to help every customer become as secure as possible, through testing, training, and consulting.
Why are we the agency you want to work with? We are constantly investing in training, we are invited to speak at security conferences, we are actively involved in the communities we work and live in. So not only do we bring years of experience, but we're always gaining more. We feel passionate about security and show that passion through our dedication and commitment to helping our clients achieve greater security and ease of mind.