close

Need Help Right Away?

Been hacked? Lost your data? We can help.
Incident Control and Response - Our team can act quickly to locate the breach in your systems and secure it against future incursions. With our specialized tools and expertise, there's no system we can't secure!
Forensics and e-Discovery - Our experts have performed investigations in some of the most sensitive environments in the world.  We will handle your case quickly, professionally and discreetly.
24x7 Product Support - We offer a range of Extended Support Service contracts to support you. Call us for details!
Call 1-703-266-6006 or email support@prometheus-group.com
Top Panel
Need Help Now?
Top Panel

Experience the Prometheus Group Difference

A firm of experts

Work with a firm that employs only experts.

Collaborate with a company that strives to understand the unique requirements of each client.

Consult with a team of experts who have designed, built and secured some of the world's most critical systems.

Team with a partner that can guarantee results.

Prometheus Group - Securing the Network, Unlocking the Possibilities
Penetration Testing

 The founders of The Prometheus Group were pioneers in the field of Penetration Testing in the early 1990s. In turn, they have imparted their methodologies, techniques and knowledge to a new generation of engineers who have embraced the latest in security technologies. The marriage of this knowledge with these technologies has resulted in an unparalleled depth of experience and expertise into Penetration Testing.

The Prometheus Group understands that data security is about more than just technical controls. This is why our Penetration Testers are also trained in Social Engineering attack techniques. We will employ the same tools and methods that malicious outsiders would use against your organization. For example, methods use such as dumpster diving, social engineering, physical access compromise and 'simulated sabotage' would be utilized. While these techniques may seem extreme, it is important to remember: "Bad guys don't follow rules, and they don't play nice."


Before we test your network, we provide you with a fully documented test plan and work with you to find an acceptable level of exploitation, and define Rules of Engagement for the operation. We will notify you immediately if the test results include any critical security flaws or any other event that would require emergency intervention on your network. After completion of the Penetration Test, The Prometheus Group's Security Engineers will report the findings to management and technical personnel, illustrating the techniques, analysis, and results of the assessment. The report covers:

  • Executive summary
  • Technical vulnerability report
  • Network design weaknesses
  • Process weaknesses
  • Other security weaknesses
  • Recommended mitigation/remediation measures
  • Other recommended actions on maintaining a secure network environment

The ever-increasing volume, complexity and sophistication of attacks on organizations requires that you maintain constant vigilance in all aspects of data protection. We work with you to determine the appropriate frequency for penetration testing to ensure that your network and information are protected from new sources and types of malicious attacks.

NOTE: The goal of a Penetration Test is to break into a network. To do so, The Prometheus Group's engineers must necessarily pose temporarily as bad actors. Truly bad actors are not constrained by client requirements, uptime issues or proper authorization. While The Prometheus Group takes careful measures to avoid any negative impact while posing as bad actors, the attack tool set and techniques necessarily become more direct, and the risk of negative impact rises. Another way of viewing the process is thus:

Prometheus Client
RISK
Cooperative Cooperative Low
Cooperative Hostile 
Hostile Cooperative  
Hostile Hostile High

The vast majority of Security Posture Assessments fall into the top category, Cooperative-Cooperative, with some elements of Cooperative-Hostile. Penetration Testing normally falls into the bottom two categories, where The Prometheus Group assumes a hostile posture and utilizes a larger and more ‘unfriendly’ tool set, up to and including denial-of-service tools. Some of the techniques utilized by The Prometheus Group are large-scale packet manipulation, Layer 2 protocol manipulation, buffer overflows, SQL injection, social engineering, spear-phishing, and other techniques considered ‘hacker’ activities. These practices carry an element of risk which may not be suitable for certain organizations, in which case we recommend a Security Posture Assessment using industry-standard tools and techniques as an alternative.