The founders of the Prometheus Group were pioneers in the field of Penetration Testing in the early 1990s. In turn, they have imparted their methodologies, techniques and knowledge to a new generation of operators who have embraced the latest in penetration techniques. The marriage of this knowledge with cutting edge technology has resulted in an unparalleled depth of experience and expertise into Penetration Testing.

The Prometheus Group understands that security is about more than just controls. This is why our Penetration Testers are also trained in Social Engineering and special attack and deception techniques. We will employ the same methods that malicious actors would use against your organization. For example, methods use such as dumpster diving, lock picking, social engineering, physical access compromise and 'simulated sabotage' would be utilized. While these techniques may seem extreme, it is important to remember: "Bad guys don't follow rules, and they don't play nice."

Before we test your organization, we provide you with a fully documented test plan and work with you to find an acceptable level of exploitation, and define Rules of Engagement for the operation. We will notify you immediately if the test results include any critical security flaws or any other event that would require emergency intervention for your organization. After completion of the Penetration Test, the Prometheus Group's Security experts will report the findings to management and security personnel, illustrating the techniques, analysis, and results of the assessment. The report covers:

• Executive summary
• Technical vulnerability report
• Design weaknesses
• Process weaknesses
• Electronic and Cyber Weaknesses
• Personnel and training weaknesses
• Other security weaknesses
• Recommended mitigation/remediation measures
• Other recommended actions on maintaining a secure environment

The ever-increasing volume, complexity and sophistication of attacks on organizations requires that you maintain constant vigilance in all aspects of threat protection. We work with you to determine the appropriate frequency for penetration testing to ensure that your organization and its personnel are protected from new sources and types of malicious attacks.

NOTE: The goal of a Penetration Test is to break into an organization and determine how to prevent future intrusions. To do so, The Prometheus Group's security experts must necessarily pose temporarily as bad actors. Truly bad actors are not constrained by client requirements, operational issues or proper authorization. While the Prometheus Group takes careful measures to avoid any negative impact while posing as bad actors, the attack techniques necessarily become more direct, and the risk of negative impact rises. Another way of viewing the process is thus: