Skip to main content
White Oak Security's header image features our logo, a white oak tree with its branches becoming circuits and a background of blue to light blue.

Engagement Process

GAIN DEEPER INSIGHT INTO THE THREATS AND VULNERABILITIES THAT COULD COMPROMISE YOUR ORGANIZATION

Built on industry-leading security methodologies—CREST, SANS, PTES, OWASP—and our own STEM methodology, our process delivers comprehensive results. We adhere to the following steps regardless of the type of vulnerability testing selected:

business people deep in discussion over their cybersecurity

Planning

Based on the nature of the testing, our team works closely with clients to understand their priorities before developing a calculated plan. Our planning guidelines allow us to work efficiently while remaining flexible to accommodate priority changes. 

pinpoint in your network, potential targets within your security environment

Research

Similar to a potential attacker, our team conducts research to determine how the target environment operates and how it integrates with other systems within your organization.   

penetration tester viewing multiple computer screens

Vulnerability Identification

Testers examine avenues of attack, threat agents, and vectors in the target environment to uncover technical vulnerabilities and identify the cause. We use both automated and manual testing methodologies, and we manually verify all identified vulnerabilities to minimize false-positives.

pentester hard at work on multiple computer screens

Exploitation

With your organization’s vulnerabilities identified, our team penetrates the target system using industry-leading techniques—Exploits, Escalation, Advancement, and Analysis—to gain unauthorized access, escalate that access and advance to other vulnerable systems. We use safe, proven exploits that will have little to no impact on system performance. 

an employee writing down important reporting data

Reporting

The most critical part of the process, reporting delivers a well-documented analysis of our findings in an actionable and detailed report that brings your organization’s security vulnerabilities to light. The result is a remediation roadmap that we walk you through, step-by-step, so your team thoroughly understands the vulnerabilities and areas of risk.  

one pentesting expert showing another how to remediate a problem

Remediation

With your report in hand, you can quickly prioritize your organization’s top vulnerabilities and build a plan for remediation.