Network penetration testing is a security test where experts try to hack into an organization's computer network to find vulnerabilities and weaknesses. It's like a "mock" hack to see if a hacker could get in and cause damage. The goal is to identify any problems and fix them before a real hacker can take advantage. It's basically a way to check the security of an organization's network.

vPenTest is an automated network penetration testing platform that runs the exact same steps and processes performed by a security consultant doing a live pentest. This includes technical tasks such as host discovery, service enumeration, vulnerability analysis, exploitation, post-exploitation, privilege escalation and lateral movement, as well as documentation and reporting. 

In short, we’re doing a full network pentest going after anything that gets an IP address and uses network services. Our ultimate goal is to get the highest level of privileges and prove access to sensitive information. 

vPenTest combines the knowledge of multiple highly skilled penetration testers along with numerous tools and techniques used in the industry by penetration testers with over a decade of experience and certifications.

A vulnerability assessment simply informs an organization about the vulnerabilities that are present within its environment. However, a vulnerability assessment does not attempt to exploit those vulnerabilities to determine the potential impact of successfully exploiting those vulnerabilities. This is not a flaw with vulnerability scanners; they just simply aren’t designed to do this.

vPenTest differs in that it is able to perform exploitation and post-exploitation techniques to demonstrate to customers how successfully exploiting a vulnerability could potentially lead to further access to systems and/or confidential data leakage within their environment.

1. Provide flexibility to your customers, allowing for penetration tests to be performed at any time.
   
   
2. Provide more value in penetration test reports, including activity logs for customers to increase visibility on their networks.
   
   
3. Ability to provide on-going penetration tests to customers with real-time activity tracking in the vPenTest dashboard.
   
   
4. Don’t settle with just a vulnerability scan, with vPenTest you can perform a full pentest with the same work a vulnerability scanner would require, and come back with more detailed comprehensive reports.
   
   
5. Significantly more affordable with better results than a traditional network penetration test. Scripted testing from a toolset means that there won’t be an item on the checklist missed, whereas a manual process may be prone to human error.
   
   
6. Ability to assign modules to customers based on IPs and schedule flexibility

vPenTest allows managed service providers to compete with traditional cyber security firms due to its competitive pricing structure, value within the deliverable documentation that it provides, along with its speed and efficiency performing a penetration test.

Additionally, since vPenTest provides activity logs to help customers identify where detection and response gaps may exist, this allows MSPs to sell additional services to their customers, further driving the security posture of their customer as well as providing an opportunity to increase revenue and lock in your services.

Traditional penetration tests are extremely time-consuming, whereas vPenTest can run numerous tools simultaneously, wait for them to complete, automatically analyze the results, and determine its next move. This saves a significant amount of time from simply running one command at a time. Furthermore, vPenTest reduces the time spent reporting from 6 hours (average between reporting, QA, etc.) to less than a minute. That’s a 29,900% speed increase per assessment that it saves.

Yes, the entire solution meets compliance requirements for regulated industries: PCI, HIPAA, SOC2, etc., and cyber insurance. To meet GDPR compliance there’s just an acknowledgement form we’ll need to sign together that data is stored in the US. We have our SOC 2 Type 1 and SOC 2 Type 2 is currently in review.