Get a real-world look at how attackers could exploit your network security with our hands-on, manual network penetration testing services
Identify the ports open on each device.
Identify the name and location of systems on the network, as well as, the operating system and any running services.
Check for well-known vulnerabilities that can exist in web servers, FTP servers, DNS servers, etc.
Test for the operating system and services running on each exposed system.
Attempt to access and retrieve sensitive data from targeted systems by exploiting application or operating system vulnerabilities.
Probe firewall for open ports or services.
Methods to evade or obfuscate the ability of active defenses (like intrusion prevention systems) to properly prevent known attack techniques.
Enumerate the network’s relationship and exposure to the Internet, including DNS and host name (domain name) registration information.
Network Penetration Testing
Cybersecurity breaches and attacks are unplanned and cost money.
Consequently, we cater to your cybersecurity needs and we’re affordable.
Who’s behind the breaches? What tactics do they use?
Hover over the pie chart to see the stats.
MainNerve ensures that all penetration testing follows the methodology defined in the NIST SP-115 for network and wireless penetration testing as well as OWASP for web application penetration testing. These methodologies ensure a clear, well defined approach to the testing of your infrastructure, applications and employees.
Planning
The planning stage of penetration testing will include communication with the key points of contact. MainNerve will address the scope of the project to include project objectives and limitations. We will provide rules of engagement (ROE) before work begins.
Attack
Using a blend of custom, open source, and commercial software tools, MainNerve will attempt to exploit vulnerable hosts. The aim is to access sensitive information, establish a persistent presence on the system, and abuse the trust of related systems.
Discovery
MainNerve will use industry-approved tools and techniques to perform an extensive search for information on the client’s network. The goal is to identify technical data about the external and/or internal network infrastructure for targeting.
Reporting
Considered the most important step in penetration testing, our reports relay all findings in a thorough and clear report. This includes technical findings, screen captures as proof of risk, remediation recommendations, and risk ratings.
MainNerve’s wireless penetration test will examine your wireless network, similar to a regular network penetration test. It will focus on the WLAN and help identify any vulnerabilities with that wireless network. The tester will attempt exploits and provide detailed results on those tests.
Web application penetration testing is designed to assess and test the state of your web-facing applications, and provide actionable remediation recommendations for enhancing your security to both your customers and users. This testing ensures that your applications will meet the security demands of your internal policies and customer assessment requirements. API testing can also be performed when required.
MainNerve’s Security Risk Assessment is designed to provide you valuable information about your policies and procedures, and the safeguards you’ve implemented. We’ll help you find deficiencies in your risk management program that will allow you to set up a plan to improve it.
What Our Clients Say
In 12 years of tests, you are the first company that found anything higher than a low risk. Phone and cameras were never discovered in the test, let alone accessed. Great to always get a different perspective from a test.
Our local partner that normally provides us with vulnerability and penetration testing was unable to help us this year. We were lucky enough to find MainNerve as a solution to our problem. MainNerve was very responsive to us and worked under a very tight timeframe to perform vulnerability and penetration testing for us and help us out of a tough situation. They went above and beyond. They provided us with some additional guidance in other security areas as well. We will continue to use MainNerve each year now for our security testing needs. We are glad we found them.
I was quite pleasantly surprised by the engagement. I think the thing I liked best about it was that everyone at MainNerve really took the time to listen and understand what we did, why we were doing it, and our business goals. It gave us confidence that we were in the right hands.
Always nice to have a dependable vendor that is fully committed and reasonably priced.
It’s been a great partnership for the last 4 years. When NYDFS Cybersecurity regulation was announced back in 2017, I did not have much experience in the security fields such as risk assessment, vulnerability assessment, and Penetration testing and was not comfortable creating the plan. I was searching for information on the internet and came across multiple companies. I contacted MainNerve and they explained the process as well as their background which gave me comfort in the overall process as well as the confidence in the MainNerve team. Also, the cost was very reasonable. Going through the signing, planning, assessment, testing, and reporting, they were in constant contact with me and updated me with steps they are taking and when I can expect the next milestone. When we had delays, they were patient and worked with us. We finished all the assessment and testing in the expected time and now we just do it annually. As our IT environment expands, we increase the scope of the testing, and MainNerve has been very flexible with our plans, budget, and timing. I have introduced the MainNerve to colleagues in other companies in NY and they are also satisfied with the service.
Our company has used MainNerve for a number of years for penetration testing. They are very professional and very thorough. They are careful about not disrupting the organization during the testing and they walk you through the test results in a way that makes understanding them very straightforward. We’ll be using them again soon.- Google Review
We have utilized MainNerve for three years for our penetration tests as required by our clients. They have always provided fast, efficient, precise and detailed reports that prove more than sufficient to meet our industry’s high level of data security requirements. Pricing is more than reasonable and they are always available to help and provide guidance when needed. Highly regarded and recommended.- Google Review
MainNerve performs periodic Penetration Testing and Vulnerability Assessment for GETIDA web servers. We are completely satisfied with their service level, response times, and pricing. The final reports are useful for both IT professionals (taking care of the findings) and managers (general understanding of information relevant for sales and customer service) here in GETIDA. Also, the reports were viewed and approved by Amazon security auditor. Good job!- Google Review
Great Experienced staff, made the process fast and easy. I appreciated the attention to detail throughout the whole process and will 10/10 use and recommend for those looking to test their network security.- Google Review
