ACROS Penetration Test is a realistic "friendly" simulation of an "Advanced Persistent Threat" attack on an IT system - corporate IT infrastructure, electronic bank, power plant network, stock trading system etc. Our highly skilled team of security experts assumes the role of a motivated group of professional hackers and attempts to accomplish a variety of agreed-upon mission objectives (also called goals or flags), such as getting access to target network, executing unauthorized transactions, obtaining secret corporate information, demonstratively damaging production capabilities or disabling networks. Although we're using numerous commercial and in-house tools, our success is mainly a product of our resourcefulness, ability to quickly understand how unknown systems work, to hide our actions from all sorts of intrusion/anomaly detection systems by "flying below the radar", ability to quickly find and exploit previously unknown vulnerabilities in systems and applications, to penetrate security mechanisms such as firewalls or content filters, to propagate covertly through the target network, to gather intelligence data and elevate privileges - and mostly, to use these skills efficiently while steering the attack towards the specified mission objectives.
ACROS Penetration Test is not a vulnerability scan. It is also not a hypothetical exercise about expoitability of some particular vulnerability in your system. ACROS Penetration Test is as close as it gets to a real "Advanced Persistent Threat" attack without the actual damage. A customer gives us a set of very specific catastrophic events that could be devastating to their business - and these then become our mission objectives, which we try to accomplish (and not just theoretically). Our only limitations compared to a real attack are: we must not break the law (or contracts), and we must not cause damage or expose customers to undue risk.
. Reference Projects
. Customer Quotes
. ACROS Penetration Test
Frequently Asked Questions