Penetration Testing with Our Faculty

Penetration testing is only as good as the tester. Inexperienced consultants using standard tools provide little value when defending against sophisticated adversaries. You need testers as skilled as your attackers. IANS’ Penetration Tests are all led by leaders — and with many experts to choose from, each with their own tactics and techniques, you can regularly rotate pen testers without the inconvenience of switching providers.
Connect With Us

David Kennedy
Dave Kennedy, IANS Faculty

IANS Penetration Tests Are Customized for Your Environment

No two companies’ needs are alike, so our Faculty will discuss your objectives as a first step, ensuring that we tailor each engagement to meet the needs, concerns, and environment of your organization. We can identify vulnerabilities and provide information on the risk and impact across: 

  • External and Internal Networks
  • Hardware and Devices (including Mobile)
  • Physical Security
  • Social Engineering
  • Web Applications
  • Wireless Networks

We test according to industry standards such as PCI-DSS, OWASP, ISO27001, NIST, and others. Our approach is tailored to client needs, including:


We request no reconnaissance information from the client and approach the test as would a malicious attacker.


Clients provide basic reconnaissance information like IP ranges, applications, and domain names.


Reconnaissance information is provided by the client, saving time and associated costs.


Project Deliverables

Executive Summary

History, purpose and overview of engagement — suitable for non-technical and executive audiences to understand scope and outcome of project.

Purpose & Methodology

The technical reasons for the testing as well as the methodology used.


All vulnerabilities identified by root cause, sorted by severity, potential threats, likelihood of attack, and business impact. Findings are delivered in PDF and CSV formats to simplify integration with your tracking tools.


Practical, actionable, and prioritized short-term and long-term remediation guidance appropriate to the organization’s operations and technical environment.

Project Approach


Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.


Testers will map the target’s network architecture and systems/software, including open ports and system responses to identify potential targets.


IANS will use the information gathered during the mapping phase to focus our staff and, using commercial, open source, and custom tools and scripts, discover vulnerabilities to exploit the systems.


IANS will attack systems and applications to prove that exploitation is possible and gain access to the targeted data and assets. If in scope, we will develop social engineering and phishing exercises to test employee security awareness. Any critical findings are communicated to clients immediately.

Remediation Guidance

Technical details are provided on root causes of vulnerabilities, recommended remediation actions based on severity and business impact, and (when appropriate) compensating controls.

Reporting and Delivery

Included is an Executive Summary with technical details related to the findings, delivered via a final teleconference/meeting with key stakeholders and/or client technical teams.

Ask Our Experts About Penetration Testing

Ask-An-Expert (AAE) provides the ability to submit unlimited requests to the IANS Faculty. Our clients frequently begin by requesting AAEs to cover a variety of penetration testing questions relating to strategy, policy & process, controls, implementation, and operational optimization. Our deep-domain security experts share industry best practices, provide recommendations based off of real-world experience, and help to strengthen the overall strategy of your program. 

David Kennedy
John Strand, IANS Faculty

Here is what our clients are asking:

What best practices or industry standards do IANS Faculty recommend around conducting manual penetration testing in production environments vs. dev/test environments?
In terms of the technical aspects of penetration testing, what are the critical steps that IANS Faculty believe the team should focus on when conducting penetration tests against the networks, apps, data and other digital components?
How have other IANS companies built out internal penetration testing programs and corresponding frameworks?
Exclusive of phishing simulation and physical security testing methods, what does IANS recommend in terms of what to test for, best practices, procedures and strategies in conducting penetration testing for both on-premise enterprise environments, and the organization’s virtual private cloud?
What would be the IANS Faculty’s first steps in standing up an internal Red Team, working with vendors for training, and scoping Red Team engagements?
Based on experience, what are the IANS Faculty recommendations for Breach Attack Simulation tools for testing defined TTP ‘use cases’ in a repeatable and automated fashion?
Success! Thanks for filling out our form! Loading animation

Looking for a Detailed Ask-An-Expert Example?

Fill out the form below to access a full Ask-An-Expert Writeup.

Ask-an-Expert Writeup icon
Decide Where to Do Manual Penetration-Testing: Production or Dev/Test

Is it better to do manual penetration-testing against the production environment, or limit the scope to development/test? In this Ask-an-Expert written response, IANS Faculty Jake Williams says there is no easy answer but details some key issues to factor into the decision.


* Required Fields

The IANS Difference

Security Focus
We focus solely on improving our clients’ security, risk, and compliance programs by helping them make more trusted and vetted security decisions.
Actionable Guidance
We guide clients to the best resources for their goals with a Faculty of over 60 expert practitioners.
Industry Experts
All projects are staffed by industry-recognized information security experts with deep, hands-on domain and technical experience.
Clear and Concise
Our guidance is actionable and practical. It is designed to communicate issues clearly to executives, and to reduce risk.
We work with organizations of all sizes and adjust projects to be appropriate to the business goals and technical maturity of each organization.