top of page
Cadence Screenshot.png

Continuous
Penetration Testing

Webcheck Cadence is the next evolution of our World-Class Pen testing, using our continuous testing methodology or CTEM (Continuous Threat and Exposure Management)

Ask us about Shield and Active Directory scanning for threats and misconfigurations

Full penetration testing is a deep-dive, real-world attack performed by certified, ethical hackers with full documentation, using many tools and manual techniques.

Tactically, it is difficult for most organizations to rally and pause for a penetration test more than once a year.

Webcheck Cadence solves this problem with one or more complete penetration tests followed by a cadence of hybrid testing.

What’s included?

A Webcheck Cadence package includes

  • 1 or more penetration tests on target assets - full reporting

  • A cadence of hybrid tests on the same assets.

    • Clients may choose what cadence works best for them. We recommend quarterly tests.​

What’s the “hybrid” test?

A hybrid test uses specific or particular scanning tools for infrastructure and/or web applications. The hybrid tests identify many vulnerabilities, but unlike the full pen test, not all. In this hybrid today however critical risks will be validated and flagged in the report.

Outcome?

  • Better continuous risk management

  • Year-round coverage of applications, internal and external infrastructure including WiFi Access Points*

  • Peace of mind related to ongoing device, infrastructure deployment

  • Peace of mind related to code deployment. 

*WiFi option for small additional fee per location.

Ready to set your Cadence? Contact us to get started!

At-a-Glance Definitions:

  • External Testing – Testing publicly visible or available IP addresses to find and exploit vulnerabilities which may lead to critical access or data breach

  • Internal Testing – Testing behind the firewall or authenticated into target LAN/WAN segments in order to test internal/private IP addresses or assets, with the objective of gaining root access or access to critical data

  • SSID Testing – WiFi testing of one or more locations and all SSID’s to find vulnerabilities of bad passwords, outdated encryption/authentication protocols, with the objective of gaining critical access to servers, data, assets

To learn more about finding a pen tester, check out this article:

Internal and SSID Testing

Webcheck engineers offer options for internal and SSID testing, from shipping and installing specially configured boxes in an easy process, to downloading a VM from a secure location. We will consult with you after engagement to discuss your testing preferences and make the testing process suited to your environment.

bottom of page