Penetration Testing

Penetration Tests

The Center for Internet Security, Inc. (CIS®) offers penetration tests for network devices and web applications. This service is available ONLY to U.S. State, Local, Tribal, and Territorial (SLTT) government entities.

Fill out the form to receive more information about how CIS penetration tests can help your organization improve its security posture.

Penetration tests are a cost-effective service that simulates a real-world attack scenario against your network devices and web applications. Using a four-phased approach informed by the Open Web Application Security Project (OWASP) Top 10 Web Application Vulnerabilities Project and the NIST SP 100-115 Information Security Testing and Assessment standard, CIS testers attempt to exploit external resources, access internal resources, and compromise your network.

At the end of a penetration test, you receive a written report detailing the methods used by the CIS testers to uncover each vulnerability, the potential impact of exploitation, recommendations for remediation, and vulnerability references.

Learn More

First Name
Last Name
Email
Phone Number
Phone Extension

State/Region

Public Organization Name
Category:
Sector
How Did You Hear About Us?

I live in a state or country protected by privacy legislation, and/or I would like to receive occasional updates regarding CIS products and services. I understand I will have the opportunity to opt out of this request at any time.

I have read and agree to the “Terms of Use for Non-Members”, link set forth here: Terms of Use. I understand and acknowledge that commercial use is prohibited without a CIS SecureSuite Membership permitting such use.

^ By submitting the form, I have reviewed the CIS Privacy Notice, which details the way in which CIS utilizes personal data, including the use of standard web beacons.

* Indicates required field

If you experience any issues during registration, please contact us at learn@cisecurity.org.