Penetration Testing

Knowing how susceptible an organization is to cyber-attack is a critical first step to evaluate and improve overall security. ProSphere is a leader in conducting penetration tests to network devices (servers, firewalls, routers) and applications. 

What We Do:

ProSphere understands the difference between vulnerability scanning and penetration testing. We perform penetration tests that exploit vulnerabilities to determine unauthorized access or malicious activity, including advanced techniques in verification and authentication. ProSphere specializes and finding and reporting areas of weakness, before an attack occurs.

Where We Do It:

ProSphere helps agencies (such as VA and Department of Energy) comply with Federal Security Policies by identifying security risks before CRISP audits and update customers with mitigation actions. 

Tools and Methods:

Our testing methods include network penetration testing and application security testing, as well as controls and processes within networks and applications. ProSphere maintains expertise with the tools best suited for our customer’s needs, to include Metasploit, Wireshark, Netsparker, and Retina to provide scheduled assessments and present meaningful results.

Success Stories:

ProSphere is crucial in proactive penetration testing for the Department of Veterans Affairs.  We use Security Content Automation Protocol SCAP enabled tools along with SCAP expressed checklists to automatically generate assessments and FISMA compliant results based on NIST 800-53 security guidance.