Services

Services Overview
Our team of highly skilled and specialized consultants perform the difficult offensive security tests that go beyond in-house testing.
Learn More

Application Security
Penetration testing of your mobile apps, web apps and thick clients. We also provide API security testing and application security code review.
Infrastructure Security
Identify critical network vulnerabilities through External/Internal Penetration Testing, PCI Penetration Testing, Wireless Penetration Testing, Cloud Security Assessment and Remote Access Penetration Testing.
Adversarial Simulation
Uncover organizational weaknesses through Red Team, Purple Team, Social Engineering, Threat Emulation and Threat Hunting.
Device Security
Identify medical and embedded devices in an IoT-enabled environment and test critical hardware technologies to locate vulnerabilities and security-related issues.
Strategic Services
Utilize the years of experience and deep industry knowledge of our team of security consultants for AppSec Program Management and Developer Security Training.
Cloud Security
Assess and protect your cloud data, applications, and infrastructure in all cloud environments, including AWS, Google Cloud, & Microsoft Azure.
Process
- Process Overview
- STEM Methodology
About Us
Blog
Careers
Contact Us

Adversarial Simulation

GitHub Cave Of Wonders: Secrets – Part 1

GitHub Cave Of Wonders – Part 1 begins to dive into secrets management & how data repositories are a treasure trove for malicious threats. Read White Oak’s blog

Bypassing Defenses: Cylance

Bypassing defenses with Cylance during a White Oak Security’s red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.

Phishing Attack: A Modest Email Investigation

Ever get a weird scam email and wonder why? Here is a White Oak Security blog about phishing attacks, a modest investigation into a few phishing emails we got.

Skim Job: Skimming Your Way In

Skim Job is White Oak Security’s RFID skimmer project, discover how we did this social engineering RFID security attack of skimming our way into client buildings.