Red Team Testing
PENETRATION TESTING – “White hat”
The term “white hat” in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and other testing methodologies to ensure the security of an organization’s information systems. They can assess the feasibility of a security breach and the subsequent impact of any successful exploitation. We offer red teams that attempt malicious entry in both the physical and cyber world.
We simulate a real threat scenario that would be staged by a competitor or a perpetrator, including the strategy, actual tools and methodologies deployed by such threats.
As leaders in the field of high-level intelligence and physical security infrastructure that offer red team testing, our operators understand security is more than firewalls and software. Our team will perform a full risk assessment of your technological and human factors, utilizing a series of techniques including attacking software and computer systems from the start by scanning ports, and examining known defects and patch installations. Attack types include social engineering, open source research, and deception to attempt a cyber attack in order to bypass and breach your perimeter and physical security, within an agreed set of boundaries. We can even arrange for cloned test systems, or organize a hack late at night while systems are less critical, in order to expose weaknesses and vulnerabilities within a company’s operational framework. With our services corporations can prevent loss of revenue through fraud and protecting their brand by avoiding theft of assets and thereby a decline in customer confidence.
MOSAIC’s scope during penetration testing includes tests like social media risk analysis as well as securing a work space by utilizing TCSM (Technical Counter Surveillance Methods) such as bug sweeps to locate hidden listening or camera devices in offices, conference rooms, homes, vehicles or phones. On the cyber platform our realm of expertise includes:
-DoS attacks - Denial-of-service attacks
-Social engineering tactics – the art of manipulating people into performing actions or divulging confidential information
-Security scanners such as: W3af vulnerability scanner and exploitation tool for Web applications , Nessus
-Frameworks such as Metasploit
Such methods identify and exploit known vulnerabilities, and attempt to evade security to gain entry into secured areas.