Penetration Testing
Strengthen Your Security with Expert Penetration Testing
CDW has conducted thousands of penetration tests and specialized in cybersecurity for over 15 years; contact one of our consultants to discover your environment's vulnerabilities and how you can remediate them.
Book a Penetration Test
Penetration Testing Overview
What is penetration testing?
Penetration testing involves simulating real-world attacks to find vulnerabilities before malicious actors exploit them. Think of it as hiring ethical hackers to see where your defences might crumble. It helps uncover hidden weaknesses, boosts overall security and ensures your sensitive data stays protected.
Learn More
Our penetration testing approach
Testing methods
Depending on the specific objectives of your business, we offer several methods of testing:
- Zero-knowledge testing: Testing with no prior information about the target, network or application
- Partial-knowledge testing: Testing with some information about the target, network or application
- Full-knowledge testing: Testing with full information about the target, network or application
The industry standards we use
We use industry best standards for performing penetration tests:
- Open web application security project (OWASP) testing guide: Standard utilized for web application vulnerability assessments and penetration tests
- OWASP mobile top 10: Standard utilized for mobile vulnerability assessments and penetration tests
- Penetration testing execution standard (PTES): Standard utilized for intelligence gathering, social engineering, wireless and network penetration tests
- NIST technical guide to information security testing & assessment (sp800-115): Used as a general approach for conducting security testing and assessments
- MITRE ATT&CK Framework: Development of specific threat models and methodologies
What we deliver
We provide a report with a summary of the penetration testing activities conducted.
The report includes:
- An executive summary of results
- Testing methodologies, phases and tools utilized
- Detailed vulnerability findings, recommended solutions and effort required for remediation
- Activity description of attack scenarios or exploitation
- An optional presentation of the critical vulnerabilities and findings
New to penetration testing?
A targeted attack penetration test (TAP) is a great option if your company is new to penetration testing.
CDW’s targeted attack penetration test focuses on evaluating and exploiting common attack paths found in your environment. Our security team will work to explore your potential risk exposure and provide recommendations on how to remediate the findings identified during the test. Evaluating your organization’s defences against common tactics will enable you to meaningfully improve your organization’s security posture and help you prepare for future security events.
Our Security Process
Why CDW for penetration testing?
Manual Approach
We don’t simply run an automated tool and generate a report; we put a lot of effort into emulating how a threat actor would want to get into your network.
We’ll Keep on Testing
If we manage to compromise the environment, we won’t stop there; we will take a step back and look for every possible way to achieve the same objective.
We Consider Your Organization
We understand that every organization has unique critical assets. We focus on what is most important for you while performing the test.
Depth of Experience
Extensive experience conducting network and infrastructure penetration tests in complex and highly sensitive environments.
Breadth of Experience and Knowledge
We’ve done testing in all industry verticals across Canada and bring you the knowledge of all our resources.
Security Experts
Our consultants have experience in aiding different-sized organizations, meaning we can help design security controls and processes that are tailored to your organization.
