Contact Us
Contact Us

CREST Certified Penetration Testing

Back to Penetration Testing

Understand Your Cyber Risk With A CREST Certified Penetration Test

A penetration test emulates the real-world threats and attack vectors you are likely to encounter. The goal of a penetration test is to identify the weaknesses and demonstrate the impact before an attacker does.

Your Trusted Cybersecurity Provider

 

Triaxiom is a CREST Accredited Member Company in the Penetration Testing Discipline

 

 

“CREST is pleased to welcome Triaxiom Security as an accredited member company. Triaxiom Security has been through a demanding assessment process that examined test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders, as well as how test data security is maintained. Awarding Triaxiom Security membership for its penetration testing services means that we are formally recognising that the company consistently delivers the highest professional security services standards to its customers.”

Ian Glover, President of CREST

Request A Free Quote

Charlotte, N.C.-Based Pen Test Partner For 650+ Organizations

At Triaxiom Security, we specialize in penetration testing. Our engineers have industry-recognized certifications and a wealth of experience performing penetration tests for Fortune 500 companies, small start-ups, Government agencies, Higher Education, Regional and Metro Hospitals, Payment Processors, Top US Financial Institutions,  and everything in between.

Serving Since 2017

Perform Over 500 Penetration Tests Per Year

Over 650 Clients Served

QSA-e1768830717793
CREST-PT-1024x471-1024x471-1-e1768830360458
CISSP-e1615480843818-354x150-1
CISA-e1615481523404-144x150-1
offsec-student-certified-emblem-rgb-oscp-1564x200-1
1RsWtbuY8uvRDNqWSfedVtw-e1615473283111
offsec-student-certified-emblem-rgb-oswe-e1615473511392
GXPN-logo
GSEC-e1615478885919
gcih-gold-e1615478639456
gwapt-gold-e1615478676518
eCPPTv2-e1615479026388
eWPTv1-e1615479052861
eWPTX-logo
CRTO-logo-300x300-1

Penetration Tests We Offer

Web Application Penetration Test

Web Application Penetration Test

A web application penetration test is an in-depth penetration test on both the unauthenticated and authenticated portions of your website. The engineer will test for all of the OWASP Top-10 critical security flaws, as well as a variety of other potential vulnerabilities based on security best practice. Activities include:

  • Website mapping techniques such as spidering
  • Directory enumeration
  • Automated and manual tests for injection flaws on all input fields
  • Directory traversal testing
  • Malicious file upload and remote code execution
  • Password attacks and testing for vulnerabilities in the authentication mechanisms
  • Session attacks, including hijacking, fixation, and spoofing attempts
  • Other tests depending on specific site content and languages
External Penetration Test

External Penetration Test

An external penetration test emulates an attacker trying to break into your network from the outside. The goal of the engineer performing this assessment is to breach the perimeter and prove they have internal network access. This test includes:

  • Open source reconnaissance against the organization
  • Full port scan covering all TCP ports and the top 1,000 UDP ports of the targets in scope
  • Full vulnerability scan of the targets
  • Manual and automated exploit attempts
  • Password attacks
Internal Penetration Test

Internal Penetration Test

An internal penetration test emulates an attacker on the inside of your network. This could be either an attacker who is successful in breaching the perimeter through another method or a malicious insider. The goal of the engineer in this module is to gain root and/or domain administrator level access on the network, and gain access to sensitive files. Activities include:

  • Active and Passive network reconnaissance including traffic sniffing, port scanning, LDAP enumeration, SMB enumeration, etc.
  • Vulnerability scan on all in-scope targets
  • Spoofing attacks such as ARP cache poisoning, LLMNR/NBNS spoofing, etc.
  • Manual and automated exploit attempts
  • Shared resource enumeration
  • Password attacks
  • Pivoting attacks
Wireless Penetration Test

Wireless Penetration Test

A wireless penetration test is a comprehensive evaluation of the wireless networks in your organization using automated and manual methods. Areas covered include:

  • Password attacks
  • WEP/WPA cracking
  • Guest wireless segmentation checks
  • Traffic sniffing attacks
  • SSID spoofing
  • Rogue access point discovery
Social Engineering Assessment

Social Engineering Assessment

This assessment is designed to target and take advantage of the human-element to gain access to your network. This is done using a variety of methods to get an employee to click on something they shouldn’t, enter their credentials or otherwise provide them when they shouldn’t, or divulge information that may assist an attacker in breaching your network. The goal for the engineer performing this assessment is to gain information that may assist an attacker in future attacks, gather credentials, or gain a foothold on the internal network. This assessment will include:

  • Phone-based attacks
  • Spear phishing attacks
  • Bulk phishing attacks
Physical Penetration Test

Physical Penetration Test

A physical penetration test is an assessment of the physical security of your premises. Our engineers will attempt to gain access to your facility by identifying weaknesses and/or using social engineering. Once inside, our engineers will attempt to gather sensitive information, gain access to sensitive areas such as the data center, and attempt to gain internal network access.

Vulnerability Scanning

Vulnerability Scanning

Vulnerability scanning is a regular, automated process that identifies the potential points of compromise on a network. A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures. Our engineers will conduct this scan for you and use our expertise to remove false positives and produce a risk-prioritized report.

API Penetration Test

API Penetration Test

An API penetration test emulates an attacker trying to exploit vulnerabilities within your API that may allow him to bypass authentication controls, access sensitive data, or otherwise disrupt the service. The goal of the engineer performing this assessment is to comprehensively review your API for OWASP Top 10 vulnerabilities and exploit any vulnerability that may allow the engineer to bypass security controls. Our API Penetration Testing includes:

  • Method and parameter fuzzing
  • Injection attacks, such as SQLi, XSS, XPath, Command
  • Authentication bypass and privilege escalation attempts
  • Authorization testing to assess the security of data in multi-tenant configurations including:
    • Direct object references
    • Client or user impersonation
    • Authorization bypass
    • Information Leakage between clients
  • Analyzing headers and error messages for information disclosure
  • Identification of unnecessary information returned or data leakage
  • Analysis of server-level transport encryption for security best practice

Web Application Penetration Test

A web application penetration test is an in-depth penetration test on both the unauthenticated and authenticated portions of your website. The engineer will test for all of the OWASP Top-10 critical security flaws, as well as a variety of other potential vulnerabilities based on security best practice. Activities include:

  • Website mapping techniques such as spidering
  • Directory enumeration
  • Automated and manual tests for injection flaws on all input fields
  • Directory traversal testing
  • Malicious file upload and remote code execution
  • Password attacks and testing for vulnerabilities in the authentication mechanisms
  • Session attacks, including hijacking, fixation, and spoofing attempts
  • Other tests depending on specific site content and languages

External Penetration Test

An external penetration test emulates an attacker trying to break into your network from the outside. The goal of the engineer performing this assessment is to breach the perimeter and prove they have internal network access. This test includes:

  • Open source reconnaissance against the organization
  • Full port scan covering all TCP ports and the top 1,000 UDP ports of the targets in scope
  • Full vulnerability scan of the targets
  • Manual and automated exploit attempts
  • Password attacks

Internal Penetration Test

An internal penetration test emulates an attacker on the inside of your network. This could be either an attacker who is successful in breaching the perimeter through another method or a malicious insider. The goal of the engineer in this module is to gain root and/or domain administrator level access on the network, and gain access to sensitive files. Activities include:

  • Active and Passive network reconnaissance including traffic sniffing, port scanning, LDAP enumeration, SMB enumeration, etc.
  • Vulnerability scan on all in-scope targets
  • Spoofing attacks such as ARP cache poisoning, LLMNR/NBNS spoofing, etc.
  • Manual and automated exploit attempts
  • Shared resource enumeration
  • Password attacks
  • Pivoting attacks

Wireless Penetration Test

A wireless penetration test is a comprehensive evaluation of the wireless networks in your organization using automated and manual methods. Areas covered include:

  • Password attacks
  • WEP/WPA cracking
  • Guest wireless segmentation checks
  • Traffic sniffing attacks
  • SSID spoofing
  • Rogue access point discovery

Social Engineering Assessment

This assessment is designed to target and take advantage of the human-element to gain access to your network. This is done using a variety of methods to get an employee to click on something they shouldn’t, enter their credentials or otherwise provide them when they shouldn’t, or divulge information that may assist an attacker in breaching your network. The goal for the engineer performing this assessment is to gain information that may assist an attacker in future attacks, gather credentials, or gain a foothold on the internal network. This assessment will include:

  • Phone-based attacks
  • Spear phishing attacks
  • Bulk phishing attacks

Physical Penetration Test

A physical penetration test is an assessment of the physical security of your premises. Our engineers will attempt to gain access to your facility by identifying weaknesses and/or using social engineering. Once inside, our engineers will attempt to gather sensitive information, gain access to sensitive areas such as the data center, and attempt to gain internal network access.

Vulnerability Scanning

Vulnerability scanning is a regular, automated process that identifies the potential points of compromise on a network. A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures. Our engineers will conduct this scan for you and use our expertise to remove false positives and produce a risk-prioritized report.

API Penetration Test

An API penetration test emulates an attacker trying to exploit vulnerabilities within your API that may allow him to bypass authentication controls, access sensitive data, or otherwise disrupt the service. The goal of the engineer performing this assessment is to comprehensively review your API for OWASP Top 10 vulnerabilities and exploit any vulnerability that may allow the engineer to bypass security controls. Our API Penetration Testing includes:

  • Method and parameter fuzzing
  • Injection attacks, such as SQLi, XSS, XPath, Command
  • Authentication bypass and privilege escalation attempts
  • Authorization testing to assess the security of data in multi-tenant configurations including:
    • Direct object references
    • Client or user impersonation
    • Authorization bypass
    • Information Leakage between clients
  • Analyzing headers and error messages for information disclosure
  • Identification of unnecessary information returned or data leakage
  • Analysis of server-level transport encryption for security best practice

Trusted By Organizations Across All Verticals

As a trusted security partner for organizations ranging from small start-ups to the Fortune 500, we pride ourselves on providing what you need to make data-driven decisions to optimize your resources and navigate the current cybersecurity landscape. With clients in every major vertical, we understand the unique challenges you face and how to tailor our assessments to meet your needs.

Triaxiom Security are experts at their craft. We have partnered with them on a multi-year engagement to identify our security weaknesses throughout our environment. Additionally, we are engaged with them to help us maintain PCI compliance on an annual basis. Their engineers have been extremely responsive and helpful every time we reach out, even if it is not part of an ongoing assessment. They truly are a part of our security team!

Chief Information Security Officer | Fortune 300 Retailer

We are extremely happy with the depth and breadth of the test Triaxiom performed, their attention to detail, and the great write-up of vulnerabilities that were discovered. They found vulnerabilities that were overlooked by other companies we used in the past. In today’s challenging and evolving security environment, getting a clean bill of health is great, but being able to keep up with best practices and quickly remediate vulnerabilities is absolutely critical. I’m very happy that we have an even more secure system and that we signed a three year commitment with Triaxiom Security.

CTO | SaaS Provider

We were pleasantly surprised by the penetration test, the professionalism and, more so, the effectiveness of the team. Regardless of the difficulty in securing the funds, the results were exceedingly thorough and we’re busily working on remediations, thanks to the helpful report. The results from their penetration test are the most useful tool to discover high-value actionable tasks which can keep us safe.

CISO | Higher Education University
section-bottom2-e1768828555490

Our CREST Certified Penetration Test Process

Our first step is to jump on a quick call with you and one of our lead engineers to understand your organization’s needs and to scope the penetration test. Within a few hours following this call, you will have a proposal with pricing information and next steps.

Our Proposal will have everything you need to make a decision, including scope, our detailed methodology for the in-scope assessments, pricing information, and the biography of a lead engineer who will be directly involved with your assessment.

Should you choose to move forward with Triaxiom, we will provide the required contracts to get the project started. Once contracts are signed, we will assign a project manager to your account that will work with you to schedule the kick-off call and execution of the assessment.

On the kickoff call, we will review the Rules of Engagement document that will govern the project. It will include all project contracts, the rules the team will follow during testing, the testing schedule, and allow you to provide the necessary technical details to facilitate your assessment.

Once we are on the same page, we will get started. While execution times vary depending on the scope, on average, most projects take one to two weeks of active testing to complete.

All of our assessments go through two rounds of Quality Assurance to ensure our reports and tests meet the highest standards. This includes a technical QA process to ensure our methodology was followed and all evidence was properly collected/analyzed. This is followed by a thorough documentation QA to ensure our reports are consistent and actionable.

Once the reports are complete, we will share them with you via our secure portal. Finally, we will jump on a deliverable presentation to meet with your team to review all findings and answer any questions you may have.

At Triaxiom Security, our primary goal is to make your organization more secure. As part of that, any findings identified during our test that you wish to remediate can be included in a one-time retest within 90 days of report delivery, free of charge. The team will validate that your remediation efforts were effective and will update the reports to reflect your heightened security posture.

Video Thumbnail

Web App Pen Test Deliverables

Each client engagement concludes with a comprehensive report that clearly outlines your organization’s security posture and testing results. Key features of the report include:

  • Executive summary highlighting strengths, risks, and takeaways
  •  Detailed results from the internal penetration testing
  • Clear descriptions of risks, affected systems, evidence, and prioritized remediation recommendations
  • Visual summaries and a risk rating scale
  • Roadmap to gradually improve security posture

CREST Certified Pen Test FAQs

The price of a CREST-certified penetration test can vary depending on the type of testing performed and the size/complexity of your network. Ultimately, penetration testing pricing comes down to one thing: the time required for a skilled engineer to do the job right. As such, a small external penetration test can cost as little as $5,000, but a comprehensive test that includes external, internal, and social engineering may cost up to $20,000 for the same small organization. At Triaxiom, our goal is to partner with you, so we can work with you to help tailor the assessment to your budget so you get the most bang for your buck.

Much like cost, the time required to perform a CREST-certified penetration test can vary by the types of testing and the size of the assessment. Most tests can be run concurrently with different engineers performing the work to speed things up. With that said, most external penetration tests can be completed in one week, where a more complex assessment could last two to three weeks.

At Triaxiom Security, we do everything we can to give you a holistic view of your risk by emulating the real-world attacks you are likely to face. However, we also understand the impact that outages can cause and do everything we can to avoid any disruptions. We do not exploit any denial-of-service vulnerabilities and do not perform any stress/load testing.

With that said, there is always a small chance of accounts getting locked out or an unstable sytem experiencing an outage. When that happens, we stop all testing, figure out what caused the issue, and work with you to identify any root causes of instability and adapt our testing going forward to meet your needs.

Our engineers have industry leading certifications including:

  • PCI Qualified Security Assessor (QSA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (C|EH)
  • Offensive Security Certified Professional (OSCP
  • Offensive Security Web Expert (OSWE)
  • GIAC Security Essentials Certified (GSEC)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Web Application Penetration Tester (GWAPT)

Get A CREST Certified Pen Test Quote

 Find and fix vulnerabilities that ACTUALLY impact your business and compliance goals faster.

Get A Quote

GettyImages-1340936122-1-e1770050557619