Objective Based Penetration Testing

Overview

Introducing the Objective-Based Penetration Test (OBPT) bundle, an enhanced package that builds upon our comprehensive Infrastructure Penetration Testing service. Objective-Based Penetration Test takes security testing a step further by incorporating specific goals, providing a focused assessment for more targeted security measures. Clearly outline your objectives, whether it’s gaining access to critical data or obtaining domain admin privileges, and our ethical hackers will deliver a detailed account of the attack methodology employed. This narrative empowers your in-house team to pinpoint and rectify security vulnerabilities effectively. OBPT stands as a holistic penetration test, encompassing adversary simulation to provide additional layers of security support.

OBPT Service Highlights

The Objective-Based Penetration Test (OBPT) is a bundled package, incorporating our comprehensive Infrastructure Penetration Testing service. OBPT goes beyond by introducing contextual and goal-oriented security testing. Specify your objectives, whether it’s accessing critical data or obtaining domain admin privileges, and our ethical hackers will furnish a detailed account of the attack execution and methodologies employed. This empowers your in-house team to pinpoint and rectify any security vulnerabilities. OBPT stands as a thorough penetration test, featuring adversary simulation to provide additional layers of security support.

Infrastructure
Social Engineering
Tailgaiting
Application Testing

E-mail Phishing
Wireless
Usb Device Drops
Card Cloning
Device Planting

What you'll get:

Social engineering scoped to your preferences (phishing, vishing, tailgating, device drops)
Active directory assessment to identify weaknesses in passwords and configurations
Ransomware assessment that will identify potential impacts of a ransomware attack with the current configuration and security controls
A thorough penetration test across your infrastructure

Why OBPT?

The advantage of Objective-Based Penetration Testing (OBPT) lies in its targeted approach. By defining specific goals, such as gaining access to critical data or obtaining domain admin privileges, OBPT provides a focused and goal-oriented security assessment. Ethical hackers then simulate attacks, offering a detailed narrative of methods used. This targeted testing allows your in-house team to efficiently identify and address security vulnerabilities, enhancing overall cybersecurity posture.

What is an Objective-based Penetration Test, and at what stage is the organization ready for this approach?

An objective-based penetration test begins with a comprehensive, coverage-based infrastructure penetration test. It layers on additional components to round off the assessment, and make it far more realistic and thorough to ensure we actually move the needle on security. The objective-based penetration test includes Infrastructure Penetration Testing, an Active Directory Password Audit, Active Directory Bloodhound Audit, e-mail phishing, advanced simulation of your top five objectives (e.g., obtain access to ERP, obtain administrative control over the target network, etc.) and more.

We recommend the objective-based penetration test as the initial approach for most organizations because it helps prioritize your path to low risk across people, processes and technology. It also helps evaluate the responsiveness of your blue team!