Converge Network penetration testing

Converge’s penetration-testing methodology is based on components from NIST SP800-115, the Penetration Testing Execution Standard (PTES), and the Open Web Application Security Project (OWASP) Top 10. Converge maintains a separate, detailed penetration testing methodology document that is available upon request.

This penetration test will help you to identify potential vulnerabilities and provide prioritized recommendations for remediating findings.

Deliverables Converge will provide your organization with a detailed report of the high-level results, methodology used, narrative of testing, and detailed findings and recommendations. The report includes the following components:

• An Executive Summary section suitable for delivery to management that provides a high-level summary of the work performed and the key findings and recommendations.
• A penetration testing findings section providing a narrative of the assessment activities and detailed technical findings. Attacker tactics, techniques, and processes are mapped back to the MITRE ATT&CK framework.
• A separate spreadsheet format document that lists all vulnerabilities by IP address and enables the company to distribute, track, and monitor the status of every vulnerability instance throughout the remediation process. Reports are reviewed by a technical peer and edited as part of a quality assurance (QA) process, and then delivered to the customer immediately upon completion of the QA process. Retesting of remediated findings is an optional component that can be added.

The reports can be used for compliance audits that require security testing, such as PCI-DSS and HIPAA, and have been designed with compliance reporting requirements in mind.