vPenTest is Softlanding’s platform that automates network penetration testing for any organization. It uses the expertise, methods, processes, and tools of professional security consultants to identify and report vulnerabilities in your network.

Our Methodology

vPenTest combines multiple methodologies that were once manually conducted into an automated fashion to consistently provide maximum value to organizations.

  • Internal Network Penetration Testing

Using a device connected to your internal environment, our consultants will discover security vulnerabilities present within the internal network environment. These activities simulate that of a malicious attacker.

  • External Network Penetration Testing

Assuming the role of a malicious attacker from the public Internet, our consultants will identify security flaws within your external network environment. These flaws can include patching, configuration, and authentication issues.

What's included?

Our penetration testing service allows your business to perform ongoing security assessments of your environment without the challenges of traditional security assessments.

Egress Filtering Testing

Automatically perform egress filtering to ensure that your organization is effectively restricting unnecessary outbound traffic. Unrestricted outbound access can allow a malicious actor to exfiltrate data from your organization’s environment using traditional methods and unmonitored ports.

Authentication Attacks

Upon the discovery of user account credentials, vPenTest will automatically attempt to validate those credentials and determine where they are most useful. This is a common process executed by both malicious attackers and penetration testers and is performed during privilege escalation.

Privilege Escalation & Lateral Movement

Using a valid set of credentials, vPenTest will attempt to identify valuable areas within your organization. This is conducted through a variety  of methods, including the use of vPenTest’s Leprechaun tool which assists in identifying where sensitive targets are.

Data Exfiltration

Critical data leaving your organization is an extremely serious concern. If access to confidential and/or sensitive data can be attained, vPenTest will simulate and log this activity to help your organization tighten areas that should restrict data exfiltration.

Simulated Malware

With elevated access, vPenTest will attempt to upload malicious code into remote systems in an attempt to test the organization’s endpoint anti-malware controls.

Reports available within 48 hours

Our detailed deliverables will allow your network staff to cross reference our activities with monitoring and alerting controls

Why should you run a vPentest?

vPenTest helps organizations solve an ongoing challenge of meeting compliance, achieving security best practices, and researching multiple vendors to compare numerous factors to meet their offensive security needs.