Cybersecurity Technical Testing Program

Our cybersecurity-focused technical testing program validates in place technical controls through focused testing, architecture and configuration reviews and compliance reviews; it is completely customizable to your specific needs.

Whether you are a small start-up or a mature enterprise, Agio’s Cybersecurity Technical Testing Program can support your efforts in identifying weaknesses in the implementation, configuration, and management of the platforms and systems used by your organization. Our activities complement your efforts to ensure that best practices are implemented, and governance measures are maintained and effective for the systems and platforms in use. Starting at the perimeter, we look at your resiliency to multiple threat vectors and then look internally at what can happen once compromised.

Our program’s menu is continuously evolving to address the changing threat landscape and is meant to give you different options to assess your organization as your cybersecurity defenses mature.  We work with you to understand what you currently have in place, and then collaborate to create a unique program based on your needs, including a specific cadence for each activity over the course of our partnership.

Penetration Tests & Vulnerability Assessments

  • Comprehensive Penetration Test*
  • External Only Penetration Test
  • Cloud Security Penetration Test
  • Web Application Penetration Test*
  • Mobile Application Penetration Test
  • Vulnerability Assessment
  • Segmentation Validation Test
  • PCI Pen Test and ASV Scanning
  • Validation of Remediation Test

Attack & Breach Emulations

  • Red Team Assessment
  • Breach & Attack Emulation

Security Architecture & Configuration Evaluations

  • Security Architecture Review*
  • Cloud Security Architecture Review
  • Firewall Configuration Review*
  • Office 365 Security Configuration Review

End User Technical Evaluations

  • Social Engineering*
  • Open Source Intelligence Gathering
  • Laptop/Workstation Evaluation
  • AD Password Audit

*Baseline best practice service recommended for every program.

Our testing team works hand in hand with our Compliance & Governance experts, our Managed Detection & Response (link) SOC, and your teams, to inform your test findings in the context of your particular compliance “soup” (NIST, HIPAA, PCI, SEC, FINRA, FCA, NYDFS, CJIS, FFIEC/GLBA, and SOX) and the latest threat vectors. We can recommend specific testing approaches and methodologies to address 24×7 production environments like Hospitals, Hosting & Service Providers, Law Enforcement networks, and eCommerce sites, as well as more traditional environments.

When your goal is to know the cyber posture of your environment and the resilience of its systems to the most prevalent threats, we’ll create a testing program specifically for you that provides you with the best value for your need to know.