Enroll today and get access to the PENTESTON® workbench to identify business logic issues, validate findings, and share security tasks. 

After eligibility verification, we will provide you with access to the platform and a 10-factor benchmark report that will score your businesses internet facing attack surface in the following categories:

    1. Web Application Security Score
      • Clickjacking, Cross Frame Scripting (XFS), and Cross Site Scripting (XSS) vulnerabilities
      • Vulnerable and misconfigured cookies
      • Identified booter shells
      • SQL & Blind SQL injection vulnerabilities
      • Directory traversal vulnerabilities
    2. Network Security Score
      • Exposed network services, software versions, ports, and associated vulnerabilities 
      • SSH encryption strengths and practices 
      • SSL certificate status, encryption and cipher strengths
    3. Endpoint Security Score
      • Metadata related to:
        • Operating systems
        • Web browsers
        • Active plug-ins
    4. IP Reputation Score
      • Peer-to-peer (P2P) activity
      • Tor exit and intermediary nodes
      • Malware duration behavior
      • Historical behavior of malware (last 24 hours, last 30 days, last 365 Days)
    5. Social Engineering Score
      • Social network data
      • Public data feeds
      • Corporate email address attribution 
      • Employee satisfaction 
      • Insecure security questions
    6. Hacker Chatter Score
      • Hacker forums
      • IRC channels
      • Social network conversations
      • Hacked news mentions
      • Defacement mentions
    7. DNS Health Score
      • Proper DNS setup
      • Sender Policy Framework (SPF) 
      • DKIM Configuration 
      • DNS hostnames 
      • DNS records
    8. Cubit Score
      • Blacklisted databases
      • Spam activity
      • Exposed subdomains
      • WHOIS configurations
    9. Patching Cadence
      • Exposed endpoint vulnerabilities (CVEs)
      • Insecure and outdated software, hardware, services, applications, and operating systems
      • Time between patch release and patch application
      • End of Life/Service products
    10. Password Exposure
      • Exposed data leaks
      • Keylogger dumps
      • Database dumps
      • Public and private hacker chatter sources