Voodoo offers a range of security services that can help clients understand their risk posture more clearly and take definitive steps to improving it.
Network Vulnerability Assessments and Penetration Testing
Network vulnerability assessments focus on discovering potentially vulnerable services, applications, and operating system components available on both internal and external-facing networks. Voodoo uses a variety of well-known tools and techniques to search for available systems and services, probe them for known and potential weaknesses, and then optionally exploit them in a variety of ways during a penetration test. The goals of these assessments vary widely – some clients need a penetration test to simply “check the box” for compliance, while others are more focused on truly understanding the risks to systems and data from a network perspective. Whatever your goals may be, Voodoo can help, as we have extensive experience performing these tests and providing maximum value in both vulnerability reporting and remediation guidance.
Web Application Assessments and Penetration Testing
Most organizations are leveraging web applications for various business functions today. However, Web application vulnerabilities are one of the most readily exploited by attackers, and can lead to data leakage, application and system compromise, and other successful attacks. Voodoo Security experts have years of experience assessing Web applications for vulnerabilities exposed by poor coding practices, known vulnerable platform, or flawed application logic. By testing applications with both defined business use cases and unexpected approaches favored by attackers, we’ll uncover weaknesses and help you fix them with detailed remediation suggestions.
Social Engineering Tests
Most organizations have a security awareness program today, which usually aims to educate employees about information security risks that they can help mitigate by following general security best practices when interacting with fellow employees, business partners, contractors, etc. However, few organizations can tell how well their programs are working, and Voodoo Security’s social engineering tests are intended to test awareness programs in a number of different ways. Using email, phone calls, physical security techniques, and a variety of other methods, our experts will validate your awareness program and determine where it’s working as it should, as well as opportunities for improvement.