Security Testing

Drill deep and analyze your business with compliance, social engineering and penetration testing.

Unlike assessments, where the goal is to look for problems, a test goes much deeper and performs a more thorough analysis of your business. A test is a formal comparison of your organization against an independent or mutually-agreed upon standard. While penetration testing may be the most recognizable form of testing, Eyra Security can also assist organizations looking to achieve compliance with legal requirements like HIPAA and HITECH, commercial standards like PCI (PCIDSS and PADSS) or third party audits like PTES or SSAE 16.

Schedule a call with Eyra today to talk about what benefits security testing would provide for your organization.


Types of security testing we offer

  • Penetration Testing – Our penetration testing is extremely thorough and follows the Penetration Test Execution Standard (PTES) as a model. If an alternate standard is desired, we can also examine network vulnerabilities (SANS Critical Controls or the NIST and CIS benchmarks), web vulnerabilities (OWASP Top 10), or database and perimeter vulnerabilities (vendor practice guides).
  • HIPAA/HITECH Testing – A Health Insurance Portability and Accountability Act (HIPAA) test is performed as a compliance audit. By reviewing HIPAA and HITECH requirements in a point-by-point basis , we consider your organization’s technology, policies and operational practices and compare them directly against the applicable rules and regulations.
  • PCI Testing – The Payment Card Industry (PCI) requires that all organizations that store, process or transmit credit card data comply with the PCI Data Security Standard (PCS-DSS). If your organization develops applications that interact with credit cards, you must also comply with the Payment Application Data Security Standard (PA-DSS)  In a PCI test, each applicable item in the standards is verified against your organization’s security infrastructure and operations.
  • SSAE 16 and ISAE 3402 – Formerly known as SAS 70, independent auditing has gotten quite complex. By focusing on numerous types of assessments, ranging from Financial, Security, Availability, Processing Integrity, Confidentiality, Privacy to issues specific to the Web. A full test requires the approval of a competent CPA firm. Eyra partners with a few, carefully vetted CPA firms to our clients get best mix of technical, operations and financial audit capabilities.
  • Social Engineering Testing – Social engineering is a very different sort of test and requires specifically-trained experts. Instead of reinventing the wheel, Eyra has partnered with the experts at Social-Engineer.com to provide the best social engineering testing in the industry.