Perimeter Security Assessment & Penetration Testing (PSA)

External vulnerability assessment, manual validation and penetration testing of Internet facing networks, systems, sites and applications (aka the hacker’s perspective). Includes identification, manual validation and benign exploitation of vulnerabilities, along with actionable remediation recommendations for improved security. Provides assurance that Internet-facing networks and systems are protected from hackers/malware.


#1We're the best ‐ We're not just making this up. Our clients tell us that we're the best pen-testing firm they've worked with. And we have some great clients.

0Zero-days ‐We don't just find the vulns that everyone already knows about, we find new and undiscovered vulnerabilities as well – meaning with us you are ahead of the hackers.

Awesome deliverables ‐We take a lot of pride in our reporting. Our reports are super informative and look great – and following our recommendations improves your security.


  Get a Quote

  • Penetration testing through custom-built and pre-existing exploits to test real severity
    • Illumant's pen testing and manual testing techniques are continually updated through research and participation in hacker forums and conferences (e.g. BlackHat, DEFCON, SANS)
  • Manual testing to find additional vulnerabilities not found by scanning tools
  • Testing can be performed overtly or covertly (with or without informing IT and security personnel)
  • Best-of-breed open source and commercial vulnerability harvesting tools
    • A cross section is used to limit exposure to the limitations of any single tool, and reap the benefits the strengths each tool provides
  • Manual validation to eliminate false positives, confirm findings
  • Scanning to baseline vulnerabilities and security risks
  • Classification of severity of findings
  • Remediation recommendations
  • Benchmark analysis of results vs. industry
  • Free Retesting (within 6 months of initial)


Internet-facing networks, systems, applications, services, ports, protocols:

  • Web sites
  • Web applications (non-credentialed testing )
  • Servers
  • VPNs
  • Firewalls
  • Border routers
  • Internet-facing services (FTP, Telnet, SSH, and many more)
  • 100,000+ known vulnerabilities, client-specific vulnerabilities in custom applications, configurations and software

external vulnerability assessment manual validation penetration testing practical remediation advice exploits

Internet-facing systems/networks web sites web applications (without credentials) servers routers firewalls VPNs

PCI HIPAA GLB NERC CIP best-practices