Network Security Testing
Network Security Testing assesses the efficacy of security controls that protect your digital assets. Dolos Group tailors network security testing to each client’s defensive posture and security program maturity. Our network security testing services run the gamut and can be performed as:
Vulnerability Assessments focus on identification of surface vulnerabilities within a network. Vulnerability Assessments are ideal for organizations seeking a baseline assessment for iterative comparison or as an ongoing discovery for rogue systems and services. Organizations with relatively new security programs will benefit tremendously from a vulnerability assessment that identifies gaps in security controls or policy oversights.
Penetration Tests illustrate the impact of a skilled adversary targeting your organization. Prior to engagement start, Dolos Group will work with you to set objectives(goals) and define an attacker pretext. These goals will focus the intent of the attacker, where the pretext will determine the source networks, tools and techniques of the adversary. Internal, external, and wireless penetration tests are the most common forms of network security testing.
Application Security Testing
Application Security Testing evaluates the state of applications to identify weaknesses in the configuration and coding practices of your custom applications. Dolos Group is well-positioned with industry experts to perform web application testing, web API testing, source code review, as well as static and dynamic application security testing. Our application security testing services can be performed as:
Black-box Assessments - simulating attackers attempting to breach application defenses
Grey-box Assessments - collaborative testing with access to sample application requests and credentials
White-box Assessments - comprehensive code audits
Social Engineering and Physical Security Testing
Social Engineering is the art of manipulating a person into performing an action or revealing sensitive information. Our social engineering services can be performed remotely, in the case of phishing assessments or in-person, as part of a physical security review or Red Team assessment.
Phishing Assessments help raise end-user awareness and provide a realistic view of weaknesses in your organization’s security education program. While there are several technical solutions to help defend against bulk phishing attacks, no product is available to prevent users from unintentionally revealing sensitive information and putting your organization at risk.
Physical Security Assessments evaluate the security controls designed to protect your offices, data centers, or any other physical asset. Weaknesses in both security policy as well as implementation are identified which an attacker could leverage to gain unauthorized access to secure locations. Often used as part of a larger Red Team assessment, physical compromise can be used to gain access to the internal network, allowing attackers another method to breach the network perimeter.
Red Team Testing
Red Team Testing provides organizations the opportunity to validate their security controls against a motivated and skilled attacker. While network and application security testing is performed from a single source, Red Team testing will assess an organization’s defensive readiness against a realistic attacker who has no such limitations. Dolos Group will work with you to identify critical assets and collaboratively define objectives prior to performing the assessment.
Unlike all other forms of testing, Red Team assessments are performed completely black-box. Dolos Group will identify internet-accessible targets through information gathering techniques, enumerate users for social engineering and phishing attacks, as well as assess the wireless networks and physical security for possible points of entry.
Dolos Group believes that all Red Team assessments should be conducted with realistic adversary tactics and motivations, allowing an organization’s defenses or Blue Team the opportunity to identify, respond, and mitigate the attack in-progress. Organizations with mature security programs rely on Red Team testing to provide assurance that their defenses are ready to combat emerging threats.
Dolos Group is dedicated to continuously elevating the state of security testing, vulnerability research, and the proactive security methodology.
To date, the information security industry has struggled to keep pace with modern adversaries and emerging threats. The common reactionary approach provides little protection against dedicated attackers who specifically target an organization. Dolos Group collaborates with clients to develop a thorough understanding of their risk portfolio, and enable strategic security enhancements to combat technological threats. We were founded with three principles:
Dolos Group was founded to address the growing gap between the services offered at traditional information security firms and the techniques used by modern attackers. Simply put, adversaries are growing in sophistication while talent shortages within the security industry have led to an influx of entry-level talent resulting in diminished capabilities as a result. Dolos Group has taken a different approach by exclusively hiring veteran security professionals with proven track records.
Dolos Group offers highly distilled offensive security assessments by world-class talent. For us, security is not a loss leader, a weekend hobby, or a complementary service; security is our life's work. We are committed to advancing the state of security testing and routinely author tools, present at industry conferences, conduct master-level training, and advise industry associations.
Security consulting has evolved into a highly impersonal, deadline dominated industry. We recognize that communication is an essential element to meet our client’s standards. As veteran security professionals, we act as trusted advisors, project managers, and hackers throughout every engagement. From day one, you receive personal attention to ensure we deliver beyond your expectations.
We'll handle your security so you can spend more time focusing on your business and your customers. Working with Dolos Group gives you the peace of mind to know your information is secure.