Penetration Testing

Knowing how susceptible an organization is to cyber-attack is a critical first step to evaluate and improve overall security. ProSphere is a leader in conducting penetration tests to network devices (i.e., servers, firewalls, routers) and applications. 

What We Do:

 ProSphere performs penetration tests that exploit vulnerabilities to determine unauthorized access or malicious activity, including advanced techniques in verification and authentication.

Where We Do It:

ProSphere helps agencies (e.g., Veterans Affairs (VA) and Department of Energy) comply with Federal Security Policies by identifying security risks before CRISP audits and update customers with mitigation actions. 

Tools and Methods:

Our testing methods include network penetration testing and application security testing, as well as controls and processes within networks and applications. ProSphere maintains expertise with the tools best suited for our customer’s needs, to include Metasploit, Wireshark, Netsparker, and Retina to provide scheduled assessments and present meaningful results.

Success Stories:

ProSphere is crucial in proactive penetration testing for VA. We use Security Content Automation Protocol (SCAP)-enabled tools along with SCAP-expressed checklists to automatically generate assessments and FISMA-compliant results based on NIST 800-53 security guidance.