Penetration testing, also known as ethical hacking, is the method used to test security vulnerabilities on web, network and computer applications. With your Pen Test reports, TBC’s cybersecurity experts deliver the intelligence information your company needs to lower risk, prioritize solutions, and meet compliance requirements.

Client goals:

  • Identify security weaknesses
  •  Meet compliance requirements

The TBC Method, executed by CEH and certified GIAC GPEN security specialists:

  •  Phase 1 – Footprinting (reconnaissance)
    • Build target list by identifying relevant information, including:
    • IPs
    • Ports
    • Services
  •  Phase 2 – Vulnerability Identification/Vulnerability Scan
    • Use information gathered in Phase 1 to research and compile comprehensive vulnerability list
    • Determine which vulnerabilites should be exploited based on severity
  •  Phase 3 – Exploitation
    • Exploit key vulnerabilities using exploit-code, ensuring exploitation does not have unintended impacts
  •  Phase 4 – Post Exploitation
    • Answer questions about identified vulnerabilities
    • How much access can be gained from most vulnerable point?
    • Can a hacker attain persistent access?
    • Can the attack pivot to other systems? What can it attack now?
    • Can we combine exploits to elevate our privileges?
  •  Phase 5 – Reporting