Penetration Testing & Security Assessment
Most SMBs assume their IT setup is secure — until a breach proves otherwise. A penetration test goes further than a standard audit: our consultants actively attempt to exploit misconfigurations and weak controls the same way an attacker would, then document exactly what was found and how to fix it. Three focused security assessment services, sized and priced for US small businesses. All engagements include a plain-language executive summary, risk-ranked findings, and a phased remediation roadmap.
Service A — Internal Network Penetration Test
Grey-box assessment of your internal network covering firewall rules, VLAN segmentation, Active Directory attack paths, and management plane exposure. Delivered remotely via VPN or on-site.
Network Segmentation
Are your VLANs actually isolated? Guest Wi-Fi bridging to corporate LAN is one of the most common critical findings in SMB environments.
Active Directory Attack Paths
Kerberoasting, password spraying, BloodHound privilege escalation mapping — the same tools attackers use to move from a standard user to Domain Admin.
Credential Exposure
LLMNR/NBT-NS poisoning, NTLM hash capture, default credentials on printers, switches, IPMI, and NAS devices reachable from user segments.
Deliverable: 20–40 page PTES-structured report, CVSS-scored findings, 30-day free retest
Pricing: from $6,000 (single-site, up to 50 hosts)
Service B — External Attack Surface Assessment
Fully remote, zero-credential review of everything your business exposes to the internet. No on-site access required. Ideal as a first engagement — results typically surface issues that justify deeper internal work.
Public IP & Subdomain Enumeration
Shadow assets, forgotten test environments, exposed admin portals — discovered via Shodan, certificate transparency, and DNS enumeration.
VPN & RDP Exposure
Firmware CVE checks (SonicWall, FortiGate), RDP exposed on 0.0.0.0/0, brute-force exposure — the most common entry points for ransomware groups targeting US SMBs.
Microsoft 365 External Surface
OAuth app permissions, external sharing policies, Teams guest access, Azure public storage containers, and NSG misconfigurations exposing management ports.
Deliverable: CVSS v4.0-scored report with Shodan/screenshot evidence, 30/60/90-day remediation roadmap
Pricing: from $3,500 (standard SMB perimeter)
Service C — Microsoft 365 & Azure Security Review
Configuration-only review of your Microsoft 365 tenant and Azure subscription. Fully remote. No agent or software installation required — assessment runs via delegated read-only access.
MFA & Conditional Access
Legacy authentication protocols still active are the #1 route attackers use to bypass MFA. We identify every gap in your Conditional Access coverage and legacy auth exposure.
Admin Role Sprawl
Global Administrator over-assignment is the most common critical finding — target is 2 or fewer GA accounts. We audit every privileged role assignment against least-privilege principles.
Secure Score & HIPAA Alignment
Maester automated test report (280+ checks), current Secure Score vs. realistic SMB target (60–75%), and findings mapped to HIPAA Security Rule and SOC 2 Trust Service Criteria.
Deliverable: Maester automated test report (280+ checks), executive summary, 30-day Secure Score retest
Pricing: from $3,500 (standard SMB tenant)
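The Admin Role Sprawl check above compares Global Administrator assignments against a target of 2 or fewer. The following is an added illustration of how a tenant owner can run that count themselves before an engagement; it is not the provider's tooling and not part of the original page. It assumes the Microsoft.Graph PowerShell SDK is installed and that the account used holds read-only directory permission (RoleManagement.Read.Directory); the $target value and the output format are the example's own choices.

```powershell
# Added example (not from the original page): count active Global Administrator
# assignments in an Entra ID / Microsoft 365 tenant and compare against the
# page's stated target of 2 or fewer. Read-only: nothing is modified.
# Assumption: Microsoft.Graph SDK installed; caller has RoleManagement.Read.Directory.
Connect-MgGraph -Scopes "RoleManagement.Read.Directory"

$target = 2   # threshold taken from the page's "2 or fewer GA accounts" target

# Global Administrator only appears in /directoryRoles once it has been
# activated in the tenant, so match on display name and fail clearly if absent.
$gaRole = Get-MgDirectoryRole -All | Where-Object { $_.DisplayName -eq 'Global Administrator' }
if (-not $gaRole) {
    throw "Global Administrator role is not activated in this tenant; nothing to count."
}

# Direct members of the role. Members may be users, service principals or
# role-assignable groups; the object type is in AdditionalProperties.
$members = Get-MgDirectoryRoleMember -DirectoryRoleId $gaRole.Id -All

$rows = foreach ($m in $members) {
    $props = $m.AdditionalProperties
    [pscustomobject]@{
        Id          = $m.Id
        Type        = $props['@odata.type'] -replace '^#microsoft\.graph\.', ''
        DisplayName = $props['displayName']
        Principal   = if ($props['userPrincipalName']) { $props['userPrincipalName'] } else { '(not a user)' }
    }
}

$rows | Sort-Object Type, Principal | Format-Table -AutoSize

$count = @($rows).Count
if ($count -le $target) {
    Write-Host "OK: $count Global Administrator assignment(s), within target of $target."
} else {
    Write-Warning "FINDING: $count Global Administrator assignment(s) exceeds target of $target. Review each against least privilege."
}

# Any group member inflates the effective GA population by its membership;
# flag those explicitly so they are not mistaken for a single account.
$groups = $rows | Where-Object Type -eq 'group'
if ($groups) {
    Write-Warning "Role-assignable group(s) hold Global Administrator: $($groups.DisplayName -join ', '). Enumerate their members separately."
}

Disconnect-MgGraph | Out-Null
```

This counts only active, directly assigned members. PIM-eligible assignments (which become active on activation) and nested group membership are not included, so a tenant that passes this check can still have more effective Global Administrators than the number printed; a full role review has to cover those paths as well.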
Bundled Packages
SMB Security Review
External Assessment + M365 Review: from $6,000
Full SMB Pentest
Internal + External + M365 Review + Retest: from $10,000
All engagements include a non-technical executive summary — suitable for presenting to your management board, insurer, or enterprise customers who require vendor security attestation.
Who This Is For
- US businesses that handle sensitive data (PHI, financial records, PII) and need to demonstrate due diligence for HIPAA, SOC 2, or cyber insurance requirements
- Companies responding to enterprise customer security questionnaires that require documented pentest evidence as a procurement condition
- Organizations that have completed an IT security audit and want to validate remaining controls through active exploitation testing
Frequently Asked Questions
What is a penetration test, and how is it different from a vulnerability scan?
A vulnerability scan is automated software that checks your systems against a database of known weaknesses. It's fast and useful for routine checks, but produces results without context — a long list of findings, some critical, some irrelevant, with no guidance on what an attacker would actually do with them. A penetration test goes further: a human tester actively attempts to exploit vulnerabilities the same way a real attacker would, chaining together weaknesses no automated tool would flag as connected. For organizations that need to demonstrate due diligence to insurers, enterprise customers, regulators, or HIPAA and SOC 2 auditors, a pentest provides evidence that automated scans cannot.
Will the penetration test disrupt our business operations?
For external and web application tests: rarely. We configure testing intensity to avoid service disruption. For internal network tests: there is more potential for impact, which is why we coordinate closely before and during the engagement. We won't conduct destructive tests (data deletion, system encryption) without explicit written authorization, and we won't target production databases with live data in ways that risk data loss. Any testing that carries meaningful disruption risk is discussed and agreed before it begins.
What do we receive at the end of the assessment?
A written report in two sections:
- (1) Executive summary — a non-technical overview for management and stakeholders covering what was tested, what was found, the overall risk rating, and the three to five most important actions to take. This section can be shared with leadership, your board, insurers, or customers as evidence of your security posture.
- (2) Technical findings — a detailed breakdown of every identified vulnerability with description, evidence (screenshots, tool output), CVSS severity rating, affected systems, and a specific remediation recommendation.
We also offer a follow-up call to walk through findings with your technical team.
How much does a penetration test cost?
Pricing depends on scope: the number of systems, IP ranges, applications, and the type of assessment. As a general range: external network assessments for SMBs typically start around $1,500–$2,500. Web application tests vary more widely depending on application complexity. Comprehensive multi-component assessments typically range from $4,000–$8,000. We provide a fixed-price quote after a short scoping call. There are no surprise charges — the quote covers everything including the final report and follow-up call.
Start With a Free Scoping Call
Not sure which assessment you need? We'll review your current setup and recommend the right starting point — with no commitment. Most scoping calls take 20–30 minutes.