Latest Blog Post

read more

News and Events

August 25, 2014 - Sherri Davidoff began teaching her Introduction to Cybersecurity course at the University of Montana.
 
September 5, 2014 - We're pleased to announced that Network Forensics Puzzle DVDs from 2011, 2012, and 2014 are all available on BytePuzzles!
 
March 24-25, 2015 - LMG will teach "Network Forensics: Black Hat Asia Edition" at Marina Bay Sands in Singapore. Sign up today!
 
read more
 
LinkedIn Reddit Delicious Technorati Twitter Digg Stumbleupon

 
Join our Email Newsletter

 
Class and Book

Want "Network Forensics" (the class) taught privately at your facilities? Request an Onsite

Order Network Forensics: Tracking Hackers Through Cyberspace!


 
Need Expert Consulting?

Request a Quote

Email Us an RFP



Penetration Testing
 

Can hackers break into your network or mobile devices? Let LMG's crack team of GIAC-certified penetration testers put your systems to the test, so you can sleep at night. Using sophisticated, cutting-edge tools and techniques, we identify vulnerabilities and demonstrate how they can be exploited. Our experienced testers know how to test safely and effectively, and communicate with you throughout the test so that you stay in the loop.

LMG's penetration testing services include:

All of LMG's penetration tests include detailed manual examination, in addition to automated tools. Often, we find security holes that automated scanners -- and other security companies -- do not. Our testers are trained to think outside the box (just like hackers) and stay up to date on the latest exploits. You receive a report with detailed results, risk ratings, as well as descriptions of impact and prioritized recommendations.

 
Service Description Details
External Penetration Test

Test the security of your Internet-facing servers.

LMG's team of GIAC-certified testers examines your Internet-facing servers for security flaws. Testing begins with automated service enumeration and software fingerprinting. Next, LMG uses automated vulnerability assessment tools to identify known vulnerabilities in your servers. Our professional vulnerability scanning tools are always kept up-to-date and check for tens of thousands of known vulnerabilities.

Subsequently, LMG's experienced and creative consultants manually examine your systems for security issues, logic flaws, authentication bypass issues, and other vulnerabilities. In this manner, we identify issues that automated scanners do not detect---but hackers can.

Finally, LMG attempts to exploit selected vulnerabilities identified in your systems, in order to identify weaknesses and demonstrate security issues. LMG provides detailed information regarding exploitation so that you can reproduce each issue and remediate the underlying problem.

Internal Penetration Test

How secure is your internal network?

Test your network to see whether an employee, visitor, or inside attacker can gain access to your most sensitive data. LMG's penetration testers arrive onsite at your facilities and attach to the network at the location of your choice.

From the inside, LMG conducts comprehensive port scanning and service fingerprinting, and identifies known vulnerabilities in your internal systems. This includes a detailed manual examination of your internal network. LMG selectively attempts to exploit detected security vulnerabilities, working closely with your staff. You receive a detailed report with prioritized recommendations.

Mobile Device Penetration Test

If a laptop, tablet or cell phone is lost or stolen, can attackers get your data?

Test the security of your mobile devices---including laptops, tablets, and phones. Just ship our team at least two devices in the configuration of your choice. LMG's certified penetration testers will examine them and tell you whether attackers can bypass authentication and gain access to your valuable information. We can check to see whether your data is encrypted, and tell you what information can be retrieved with only physical access to the device.

You may also include network testing, to find out if your mobile device are vulnerable to exploitation when connected to untrusted networks. If you choose, you can provide credentials for privileged testing, to find out if normal users can modify device configuration or gain access to administrator functions.