Advisory Services

Our combination of technology and services can also help identify, facilitate, and meet many of the complex compliance demands today’s companies face. Many types of businesses are tasked with the responsibility of protecting highly sensitive information, and a breach can be costly, litigious, or both. With expertise in advisory and consulting services in addition to threat hunting and incident response, Pondurance offers a unified front against auditors and would-be attackers. Multiple Qualified Security Assessors (QSAs) for PCI DSS, several HITRUST-certified professionals, and a team of experts specializing in HIPAA compliance help companies avoid overlap or gaps in security program coverage.

Incident Response Planning

Pondurance helps organizations review and/or develop Security Incident Response Plans to ensure that procedures are robust and actionable in all phases of the incident response lifecycle. Specifically, Pondurance will work with client to improve or establish an IR lifecycle that contemplates the following:

  • Preparation – Establish management commitment, organizational accountability, and allocation of resources to prepare.
  • Detection and Analysis – Pondurance will inventory and define the countermeasures used by client to identify a security event, contain a security incident, limit its spread and protect client systems. Pondurance may make recommendations for improvement, in addition to documenting the current state.
  • Containment – Pondurance will develop procedures that client may execute in containing the damage and restoring affected systems to their normal operating state.
  • Eradication – In the course of developing the procedures, Pondurance may recommend procedures that are delineated by internal execution and those that may be best executed by third parties (e.g., forensic analysis, memory scraping and analysis, system cleaning) to eradicate malware.
  • Recovery – Pondurance will develop procedures for client that provide a basis of recovery for minimum operations, if a return to normal operations cannot be achieved.
  • Learning – Pondurance will develop a plan for testing the plan during periods of calm and for integrating lessons learned from exercises and real-world incidents. Pondurance will also facilitate a tabletop exercise as part of the development and implementation of the updated plan.

Enterprise Security Testing

Penetration Test

External Testing is performed from outside the enterprise network environment from the Pondurance Penetration Testing Laboratory. This focal point is representative of the visibility an outside attacker would have at a point in time from the public Internet.

Internal Testing is performed from inside of the network environment. This focal point is representative of the visibility an inside adversary or employee would have at a point in time from the internal network. Most network compromises today occur not due to an external breach of the perimeter, but due to an initial foothold from the internal environment. This could be initiated by a malware infection or lost credentials due to a phishing attack, drive-by malware, or an insider threat. Pondurance, if unsuccessful in breaching the perimeter during the External phase, will leverage a physical or virtual machine with no domain credentials to simulate and demonstrate how an attacker could elevate privileges and move laterally to compromise other subnets and eventually, the domain. The end goal is to attempt to get Domain Admin rights if possible, but our testers also know to look for valuable intel such as sensitive information on file shares, Active Directory users and hashes which can be cracked and analyzed, and configuration weaknesses.

The following describes, at a high level, the methodology that Pondurance employs to execute a penetration test:

  • Information Gathering – Perform comprehensive discovery and enumeration procedures to target pertinent internal address ranges. Establish a baseline of services to manually test for common configuration issues and vulnerabilities.
  • Vulnerability Discovery – Perform detailed security analysis and vulnerability scanning using a comprehensive suite of commercial and open source tools targeting internal devices. Additionally, credentials may be leveraged to gain additional insight of the organization’s ability to update systems in a timely fashion for both operating systems and third-party software.
  • Verification & Manual Testing – All identified vulnerabilities will be reviewed and validated to eliminate false positives. Manual testing procedures will be executed to identify flaws not easily identifiable with automated tools. Additionally, penetration testing is performed against identified vulnerabilities, leveraging public proof of concepts, weaponized exploits, and sometimes custom crafted zero-day exploits by the Pondurance team.

Application Security Testing

Dynamic Application Testing (DAST)

Pondurance will perform detailed application security analysis and vulnerability scanning using a comprehensive suite of commercial and open source tools. The testing encompasses the various tiers of the application architecture to provide a comprehensive assessment of the critical application. Areas of the testing include but are not limited to:

  • OWASP Top 10
  • Verification & Manual Testing

Static Application Security Testing (SAST)

SAST is a set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities. SAST solutions analyze an application from the “inside out” in a nonrunning state.

  • Information Gathering & Isolation
  • Automated Methods
  • Verification & Manual Review

Red Team Exercise (Physical Penetration Testing)

Pondurance can attempt to enter the facilities with the intent to gain access to sensitive areas that may directly contain hard-copy information or provide additional opportunities to escalate electronic access privileges. Pondurance will not remove anything from the premises that would be considered a “breach” in a real scenario. During the course of our procedures, Pondurance will execute techniques that place personnel in the position to “assist” us, and otherwise place them in a situation where they inadvertently disclose sensitive information. At no point are personnel placed in a position of danger, and sound judgment by the team is exercised in conducting all physical penetration test activities at all times. Lastly, all scenarios are first discussed with the client during a “Rules of Engagement” meeting to ensure expectations are met and techniques are approved. Some in-scope procedures for the Physical Penetration Testing include:

  • Covert Facility Surveillance
  • Attempts to Gain Unauthorized Entry (RFID Cloning, Lock Picking, etc.)
  • Secure Access via Tailgating
  • Credential Forgery/Impersonation
  • Unauthorized Access to Sensitive Materials
  • Clean Desk Check


With our extensive background in assessments, penetration testing, and auditing, we help organizations improve their security stance over time by locating vulnerabilities and configuration weaknesses. These assessments examine the underlying infrastructure, people, and technologies to identify vulnerabilities that pose a risk to the organization.

Compliance Framework Assessments

  • NIST

Technical (Risk) Assessments

  • Application Security
  • Pentesting
  • Social Engineering

Third Party Risk Assessments

A System That Delivers

Cyber security technology has improved, but bad actors have evolved, too. Hackers have been delayed, slowed, but not thwarted. They have maintained their lead in spite of enhanced security technology. One fact is clear: there are more hackers executing more cyber-attacks now than ever before.

As businesses become aware of the increasing frequency of attacks and the havoc that a single breach can wreak, the search for new solutions takes on a feverish urgency. The requirements for effective cyber defense services have grown beyond traditional data and system security solutions. What worked even five years ago will no longer cover the complexity of threats stretching across industries from healthcare, public utilities, and education to government and finance.

As cyber actors continue to develop new ways to expose vulnerabilities and exploit businesses, cyber security professionals must also learn to stretch across multiple industries to keep those organizations safe, stable, and resilient against attacks. Simply put, businesses can no longer afford to focus only on threats that are specific to their industry. Our analysts have eyes on threats and incidents that are occurring across all industries, from healthcare to banking, retail, tech, and government. It’s our job to know what’s out there so we can provide the best service and protection for our clients.