External |
4 days of Internet-based to assess the vulnerabilities |
Internal |
4 days of internal network vulnerabilities |
Wireless |
2 days of wireless surveying and penetration testing. Testing will look to identify both misconfigured corporate wireless Access Points (APs) as well as rogue APs at up to 3 physical sites within a close geographic proximity. |
Physical |
2 days of physical testing of building security. Testing may be performed at up to 3 physical sites within a close geographic proximity. |
Social Engineering |
This testing can take many forms, most commonly leveraging targeted phishing emails. Malicious USB drives or phone-based social engineering are two other options. |
Web Application |
This testing leverages deep, manual web application testing techniques to identify vulnerabilities in one web application. Testing is performed from the perspective of an unauthenticated visitor in addition to a legitimate application user. |