Skip to main content


Our experience and expertise have heavily influenced the creation of this document and we have worked to provide an approach that will be extremely effective in meeting your goals while maximizing the value of those services.

White Oak Security utilizes an in-depth process that incorporates both our experience as well as industry-leading standards to ensure that our results are both as complete and as useful as possible. To provide more information regarding the specic services discussed in this document we have incorporated information regarding each below.

Our services are built around deep technical knowledge and experience coupled with an effective and practical approach to remediation and program development.  In the past, most security consulting companies fell into one of two camps – extremely technical and ‘cutting edge’ or compliance-focused and rigid.  White Oak incorporates both of these ideas into our approach.

We utilize our long experience as well as follow industry-leading methodologies in our testing program (CRESTPTESOWASP, etc.).  All of these methodologies ensure that we provide a fully comprehensive penetration test while also ensuring that important industry standards such as PCI, HIPAA, and GDPR are effectively addressed.

Application Security

Penetration testing of your mobile apps, web apps and thick clients. We also provide API security testing and application security code review.

Adversarial Simulation

Uncover organizational weaknesses through Red Team, Purple Team, Social Engineering, Threat Emulation and Threat Hunting.


Infrastructure Security

Identify critical network vulnerabilities through External/Internal Penetration Testing, PCI Penetration Testing, Wireless Penetration Testing, Cloud Security Assessment and Remote Access Penetration Testing.


Device & IoT Security

Identify medical and embedded devices in an IoT-enabled environment and test critical hardware technologies to locate vulnerabilities and security-related issues.


Strategic Services

Utilize the years of experience and deep industry knowledge of our team of security consultants for AppSec Program Management and Developer Security Training.