Penetration Testing
& Red Teaming

Research shows that US organizations are reporting an increase of over 41% in compromised files in a one year period.

In one month alone, the average payment demand was $190,946 with several organizations facing ransom demands in the millions of dollars.

All it takes is one weak entry point for a breach to occur, and what we have learned is that cybercriminals are determined to find it.

What is Penetration Testing?

Your organization faces threats from the continual changes associated with new and rapidly deployed technologies, personnel changes, increasing malware sophistication, and ever more knowledgeable attackers. We test your network to determine where your weakest points are located and recommend solutions to fill the gaps.

Penetration Testing helps detect and analyze vulnerabilities. It’s designed to assess how your organization can hold up against an attack and identify where additional security controls will lower the risk to your organization.

Does This Apply to You?

No organization is perfect; cybersecurity threat actors are relentless in trying to infiltrate even the most secure systems.

Penetration Testing can locate security vulnerabilities in network infrastructure, wireless networks, servers, workstations, web applications and APIs, mobile applications, IoT, as well as human related social engineering vulnerabilities.

WHERE DO THESE RISKS EXIST?

Organizations may not be aware that these risks are everywhere.

Network

Mobile Application

Web Application

Wireless

What can an organization do to block a determined attacker?

What is Red Teaming?

Online’s Red Teaming service uses a longer-term strategy to identify gaps in an organization’s defenses using Open Source Intelligence (OSINT) gathering along with any number of attack methods including but not limited to Penetration Testing, Social Engineering (Phishing/Vishing), and Physical Penetration Testing.

How Does Red Teaming Work?

By embodying the thinking attacker viewpoint of a cybercriminal, each Red Teaming engagement provides an organization with a more realistic understanding of how they may be attacked and, more importantly, where they may have weaknesses that make them vulnerable.

RED TEAMING: THE 4 PHASES OF ENGAGEMENT

Interested in learning more about the
4 Phases of Engagement when discussing Red Teaming?

BLOG: Why Aren't You Red Teaming?

Network attacks are on the increase, and hackers are being forced to become more and more sophisticated as we build even stronger defense strategies to shut them down.

All it takes is one weak entry point for a breach to occur, and what we have learned is that cybercriminals are determined to find it.

BLOG: Tribe of Hackers:
Red Teams & More

Online is proud to feature a chapter from Tribe of Hackers, written by Marcus J. Carey and Jennifer Jin. Our very own security expert Jeff Man shared many insights and stories in chapter 25 of this highly acclaimed book.

Jeffrey Man is a respected information security expert, advisor, evangelist, and co-host of the security podcast Security Weekly. He has more than 35 years of experience in all aspects of computer, network, and information security. Jeffrey has held various information security roles within the DoD as well as private sector enterprises, is a former PCI QSA, and was part of the first penetration testing red team at the NSA.

CASE STUDY: Red Team Reveals
Security Voids

Online was engaged by a large, international organization that had an extensive and ongoing Penetration Testing program to perform a Red Teaming exercise. Our client was interested in exploring how secure their networks were using real-world tactics.

Learn how Online’s final report provided recommendations to remediate identified vulnerabilities and allowed the organization to gain valuable insight to improve their security so that they can build stronger defense strategies and reduce the number of hidden-in-plain site weaknesses.

OUR THINKING

BLOG: Don't be a Bad Rabbit

Ransomware wasn’t always headline news. In 2017 a ransomware nicknamed “Bad Rabbit” swept through eastern Europe. Victims were asked to pay a measly 0.05 Bitcoins (around $285), they were given 41 hours or face the consequences.

Fast forward to 2021, ransomware has come a long way in the past four years and has become the #1 moneymaker for cybercriminals. Ransomware attacks today are common, costly, and can stop a business in its tracks.

BLOG: When 24X7 Security is Not Enough

Neighbors, babysitters, handymen, even family members; your backyard, upstairs deck, even your own front door…

Statistics show the vast majority of burglaries and theft, especially identity theft, are perpetrated by a household acquaintance or family member. The US Department of Justice says that “Offenders were known to their victims in 65% of violent burglaries; offenders were strangers in 28%.” Similarly, any Google search yields countless articles listing front doors, backyards, and ground floor windows as the most common points of entry for burglars

CONNECT WITH OUR TEAM

Will Bechtel


Director,

Technical Security Services

ROB HARVEY


Managing Director,
Risk, Security and
Privacy

Check out
Digital Product Development services at Online

SERVICE PAGE

Check out
Security Advisory
services at Online

SERVICE PAGE

Check out
Customer Engagement
services at Online

SERVICE PAGE