Penetration Testing

Our experts review your environment just like a real-world adversary would, going beyond vulnerability scanners to help you find blind spots, enhance your security posture and better prepare.
Challenges

Getting Inside the Mind of a Hacker

Meaningful, actionable insights that help improve your cybersecurity posture require more than pass/fail scans – they require resources and time often only available with the help of third-party resources.

Network Effect

Expanding Network Perimeter

Today’s perimeter extends across cloud, wireless, Bring your own device, and remote work, presenting a wide attack surface that can be exploited.

Mimicking Adversaries

Mimicking Adversaries

Cybersecurity adversaries evolve constantly, and so should your testing approach, replicating the real-world threats that matter most.

Exposing Kill Chain

Exposing the Kill Chain

Do more than find vulnerabilities. Actionable insight, targeted defense and improved detection start by exposing the kill chain.

Our Approach

Hands on. Target Locked.

Finding vulnerabilities goes beyond an asset inventory. Knowing what attackers can do once they achieve a foothold helps create a plan that enables pragmatic, proactive improvements that mitigate organizational risk.

  • Goal-based and focused on your most pressing security concerns
  • Hands-on tests, replicating internal Advanced Persistent Threat (APT) or Nation State
  • Narrative reports and executive-level summaries to provide relevant information to technical and non-technical audiences
adversarial-approach-hands-on-target-locked_16-9-md
Our Services

Our Penetration Testing Services

Secureworks provides a comprehensive portfolio of penetration testing services to help you identify gaps and weaknesses before the threat actor does – no matter the source of the attack.

External Penetration Testing

Attackers have many tricks up their sleeves to determine if your perimeter defenses stand up to attempts to breach.

  • Show impact with manual testing that mimics current threats, including pivoting, post-exploitation and data compromise
  • Uncover if your environment can stand up to threat actors with proprietary tooling and creative adversarial experts
  • Expand your understanding of the risk you face beyond a pass/fail with severity-ranked risk and recommendations

Read the Blog

Leveraging Penetration Testing to Test Detection Capabilities
external-penetration-testing_16-9

Internal Penetration Testing

The attackers’ work continues once inside. Assess layered defenses and know how quickly an internal threat could compromise your entire system based on different threat models.

  • Test internal security controls, firewall rules and more that limit user access
  • Advance your penetration testing approach with an added dimension to know how quickly an internal threat could compromise your entire system
  • Find insider threat risks and provide insights that enable IT teams to make smarter security choices
internal-penetration-testing-16-9

Wireless Penetration Testing

Wireless networks are an often-overlooked part of testing. A wireless penetration test focuses on evaluating your wireless network security and how attackers may exploit it.

  • Find out how your wireless connections expose internal networks you thought were segmented
  • Identify ways an attacker could breach your wireless network and its clients or find a pathway to the internal network
  • Go beyond the assessment of applicable compliance mandates with a security-first approach to testing
wireless-penetration-testing_16-9

Physical Testing

Adversaries will try any means to get in – so don’t neglect your physical security controls. Secureworks provides physical testing to provide a comprehensive view of your risks.

  • Test your employees’ resiliency to social engineering and physical attacks, including tailgating and badge cloning
  • Test building security controls with a threat actor mindset, including lock-picking, badge reader manipulation and other control blind spots
  • Customizable goals and rules of engagement based on organizational needs and desires
physical-testing_16-9

Specialized & Custom Work

Secureworks leverages the vast expertise and specializations of the team to offer custom testing across devices, systems, software or threat models.

  • Hardware; including IoT, OT, Embedded Devices, firmware, medical devices and robots
  • Vehicle Systems Testing (Automotive, CANBUS, autonomous vessels, aircrafts)
  • Custom networking protocols
specialized-custom-work_16-9
Threat Models

Common Threat Scenarios

Leveraging our goal-based testing methodologies and specialized application security expertise, combined with access to real-world threat research, the Secureworks Adversary Group can help you answer your modern-day offensive security questions.

Remote Access Vulnerability Assessment

Did the move to remote work create new, exploitable vulnerabilities in your environment?

remote-access-vulnerability-assessment_16-9-md

Ransomware Attack Simulation

Could we defend against a threat actor attempting to deploy ransomware before it’s too late?

ransomware-attack-simulation_16-9-md

Lost or Stolen Laptop

Wonder what would happen if someone gets a hold of/steals a laptop?

lost-or-stolen-laptop_16-9-md

Cloud Penetration Testing

Have our defenses kept up with increasing cloud adoption?

cloud-penetration-testing_16-9-md

Insider Threat

Concerned about what an internal user or vendor may be able to access?

insider-threat_16-9-md
Why Secureworks

Adversary Group

The Secureworks Counter Threat Unit’s™ Adversary Group is a dedicated group of seasoned testing experts helping you challenge assumptions about your security and battle-test your defenses to gain assurance and better prepare for the fight.

Team

Dedicated Testing Expertise

Adversarial security tests are delivered by world-class, highly certified and seasoned testing experts – testing is all they do. They are 100% focused on delivering offensive security testing – nothing else.

Matching Speed

Passion for the Offense

Our testers are passionate about security and are continuously honing their skills through training (including pursuing the latest Offensive Security certification), knowledge exchange with their peers, and exercising those skills (and winning) at the world’s largest Capture the Flag (CTF) events.

Stakes Rising

Powered by CTU Intelligence

The Secureworks CTU™ collects and analyzes offensive and defensive intelligence, from thousands of adversarial and response engagements every year. Our testers combine their years of hands-on experience with that latest threat intel to drive unrelenting creativity and ingenuity into every test.

Offensive Security Customer Advisory Board Member

Offensive Security Customer Advisory Board Member

6x Consecutive Wins Grrcon Car Hacking CTF

6x Consecutive Wins at GRRCON

3x Consecutive Wins Defcon Wireless CTF

3x Consecutive Wins at DEFCON

150+ Offensive Security Certifications

150+ Offensive Security Certifications

Crest Pen Test

CREST PenTesting

Resources

Related Resources

Ready To Test Your Security Assumptions?

Contact us to speak to an expert about your testing or broader incident readiness needs, or learn more about all our incident readiness, response, and testing services.