Uncover software vulnerabilities and stay safe.

Towerwall offers a wide range of penetration testing services that assist our customers in building out a comprehensive Vulnerability Management Program. During a penetration test, Towerwall has two primary objectives: the obtainment of unauthorized access and/or the retrieval of sensitive information. Penetration Testing addresses the following concerns:

Our Vulnerability & Technical Security Services include:

Firewall Rule Review

  • Conducts a line-by-line analysis of the firewall’s configuration
  • Verifies the operating condition of the firewall and the effectiveness of its security configuration and rule sets 

Security Architecture Controls Assessment

  • Conducts tests of security controls to determine their effectiveness and include a firewall rule review, internal and external vulnerability assessment, penetration testing, social engineering testing, application testing, and a manual review of perimeter defenses, servers, desktops, routers, switches, and network appliances

Vulnerability Management Program Development

  • Conducts a network penetration test to find network vulnerabilities that an attacker could exploit
  • Performs internal vulnerability scanning
  • Checks the enumeration of the entire Netblock to identify new hosts that may be exposed to the internet and perform vulnerability testing including:
    • Port scanning
    • Service identification
    • System identification
    • Vulnerability testing and verification
    • Prioritization of remediation

Web/Mobile Application Penetration Test

  • Conducts penetration testing procedures to find application flaws that an attacker can exploit
  • Evaluates application security via:
    • Authentication and access control
    • Input validation encoding
    • Cross-site scripting
    • SQL injection
    • Enumeration of user and system accounts, servers, and internal communication ports
    • Business logic
    • User and session management (including privileged escalations)
    • Error and exception handling

Windows Permissions and Audit Control

  • Evaluates data governance systems such as Varonis, to determine if this type of file permissions software brings value to the organization
  • Assesses current file permissions practices and file storage ownership practices