Penetration Testing Services

Thorough Reports. Actionable Recommendations.

Certified Penetration Testing

Penetration testing is a proactive approach to discovering exploitable vulnerabilities in your web applications, computer systems, and networks. Our manual testing process goes beyond automated scanning and into complex security exploitation. Gain a thorough understanding of these vulnerabilities and begin to remediate the issues before an attacker is able to interrupt your business operations.

  • Secure your data and systems
  • Prevent business interruption
  • Protect your brand image

Want to learn how vulnerable your critical assets are to cyber attacks?

Our Services

Pratum's penetration testing provides insight into an attacker's mind. We prepare organizations to defend against cyber attacks by educating through ethical security exploitation. Our ethical hackers perform penetration testing from our labs in Des Moines, IA, Kansas City, KS, and Dallas, TX. When appropriate, testing can also be performed on-site at client locations.

Web Application Penetration Testing

Web applications can process and/or store sensitive information including credit cards, personal identifiable information (PII), and proprietary data. Applications are an integral business function for many organizations, but with that functionality comes risk. Pratum's web application penetration testers seek to obtain unauthorized access into web apps to gather sensitive information which will provide visibility into the risks associated with application vulnerabilities.

Network and Infrastructure Penetration Testing

Infrastructure penetration testing identifies security weaknesses in your network, as well as the devices within the network. Our testers search to identify flaws such as out of date software, missing patches, improper security configurations, weak communication algorithms, command injection, etc. Infrastructure penetration tests often include the testing of firewalls, switches, virtual and physical servers, and workstations.

Penetration Testing Methodology

Penetration Testing Methodology Scoping and Pre-Engagement Define success criteria Reconnaissance Information gathering and discovery, Device and OS enumeration, Port scanning and Network sniffing. Discover and Vulnerability Assessment Vulnerability detection, Authentication testing, Data validation and Configuration management. Exploitation Vulnerability verification and False positives and false negatives elimination Analysis & Reporting:  Analyze and consolidate findings to report vulnerabilities.

Wireless Penetration Testing

Your wireless network may be susceptible to exterior signal bleeding. Pratum's wireless pen testing services focus on the discovery of wireless access points, attempting to enumerate weaknesses in the wireless infrastructure. After gaining access to the wireless network, Pratum’s penetration testers attempt to exploit weaknesses in your network to gain access to privileged areas and demonstrate the potential impact of a wireless network breach.

Social Engineering Services

Social engineering is a true assessment (pretexting phone calls, email phishing tests, dumpster diving, and facility access) of an organization’s security training and awareness practices. By performing social engineering assessments of an organization’s facilities and employees, Pratum is able to establish the baseline security posture and make recommendations for modifying and developing stronger policies and procedures.

Training: Security Awareness

  • Educating on security threats
  • Preparing employees to react
  • Strengthening security posture

Testing: Security Practices

  • Validating security training efforts
  • Establishing strengths and weaknesses
  • Providing insight for further training

Want to learn more about penetration testing? We have prepared several penetration testing blog articles and infographics just for you.

Our certifications

  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (C|EH)
  • GIAC Certified Intrusion Analysts (GCIA)

Penetration Testing Deliverables

Our penetration testers perform assessments, interpret the results, and provide reports for your organization. Deliverables for a penetration test include:

Executive summary report

A high-level overview of your pen test report; highlighting critical vulnerabilities.

Full technical report

An in-depth look into how your information security controls performed during testing.

Remediation action plan

An actionable guide designed to help secure your organization's vulnerabilities.

Validation of remediation efforts (external pen tests only)

With external penetration tests, Pratum provides validation of remediation efforts within a designated timeframe from the delivery of your report. These validations ensure that your organization has performed the necessary tasks to protect and secure your confidential data.

Interested in penetration test services?

Complete this form for more information
or to request a proposal.

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.