Penetration Test & Vulnerability Scan

Unlocking Security:

Partner with Pegasus for Effective Pentesting

Typically a pentest will reveal vulnerabilities that can be clumped into two buckets. The first bucket is projects. Some of the projects you probably put on the back-burner because of budgetary or more pressing reasons. Other projects might require subject matter expertise (translation: nuanced experience in a specific area) that you could do yourself if you had time to build a test lab and run a few simulations. An outside IT firm like Pegasus can help you justify budgets, provide temporary expert labor to complete a project for you, or explain the pitfalls since they’ve likely done similar projects in environments like yours several times in the last year. The second bucket is more mundane work like training people, enabling verbose logging on more devices, reading telemetry from all those logs in quick fashion, and weeding out the white noise from all that network activity to distill alerts into actionable intelligence. You could do all that yourself, but who has the time? Those sorts of routine maintenance tasks can be outsourced to an MSP like Pegasus who has already automated the work and offers solutions for a fixed monthly price based on the number of devices and people you need to protect. Schedule a call with Pegasus to help determine how we can help you with tasks in one or both of these buckets- before a criminal exploits the “to-do” list items you haven’t had time to cross-off.

Easy to Setup

Preparing for a penetration test is easy. All we need to get started is your public IP range. It will be eye-opening to see what criminals can see. Want to see what could happen if a person who means no harm plugs into your internal network? We can show you. To conduct a penetration test, we do not require any admin credentials or any special knowledge of your network. If you care to give us more data or more access, we can report on even more about your environment. 

Our penetration tests narrate the methods a criminal would successfully use to access your systems and data. Contact us today to see a sample of what our penetration test reports would show you.

Quality & In-Depth Reports

We offer a few types of IT infrastructure analysis reports. We can run an external penetration test, where we show you how a criminal might gain access to your systems from the outside knowing only your public IP address. We can run an internal vulnerability scan, where we show you what a person could access simply by connecting to an internal switch- perhaps by an open network jack, perhaps by a wireless connection. We can also show you a detailed analysis comparing your security posture against best practices to see where you’re consistent, where you have better-than-average protection, and where you’re the low hanging fruit criminals love to exploit quickly. Of course, we typically do all three types of tests to give you a full picture of your defenses. None of them require a significant amount of preparation time on your part, and that’s the point- we provide a narrative of how a criminal would approach your systems. Which type of test would be most helpful to you?

Our pentests use a variety of both automated and manual methods to deliver you a thorough set of reports. Few professionals have a toolbox filled with as many automated scripts as we do, and even less professionals know when to use the findings from automated scripts and to manually breach a system. We do our best to think like a criminal using many of the tools they use, so you can see real-world vulnerabilities, not just academic ones. You aren’t going to hear a standard sales pitch for a security product or software package- every system is different. Talk to us to learn how your specific network could be better defended in a way that will actually stop attackers in their tracks

Make Educated Decisions

Reading a pentest report could be scary, but it doesn’t have to be. We see them as opportunities to help you and your executives make educated decisions on how they want to budget for security, after seeing how they are vulnerable. We can help assign weighted probabilities for risk mitigation to different types of defenses. Our goal is never to scare people- we want to educate them so they can make the best choices to keep their business profitable and operational. Give us a call so we can help you understand how you’re really at risk today.

Validate Updates with One Free Retest

Our pentests include one free retest. This can be used to help validate your fixes and updated defenses are working as planned. If you don’t make any major changes you feel are worth a follow-up test, the free retest could save you money next year when your annual pentest comes due. Contact us to take a more pragmatic approach to penetration testing.