Testing built to answer one question: what happens if someone actually tries?
Every engagement below is scoped up front, run under a signed rules-of-engagement agreement, and delivered with a report that separates real risk from noise.
Hands-on testing, not just a scan with a logo on it.
Automated scanners find configuration drift. They don't tell you whether a vulnerability is actually exploitable, chainable, or business-critical. Manual, methodology-driven testing does.
Network Penetration Testing
External and internal testing against your network perimeter and internal segments to identify exploitable misconfigurations, weak credentials, and lateral-movement paths.
- External perimeter testing
- Internal / segmentation testing
- Privilege escalation & pivoting attempts
- Patch & configuration review
Web Application Penetration Testing
Manual testing of authentication, session handling, business logic, and injection points, referenced against the OWASP Testing Guide and OWASP Top 10.
- Authentication & access control
- Injection & input validation
- Business logic abuse cases
- API endpoint testing
Wireless Security Assessment
On-site or remote-supervised testing of wireless infrastructure — encryption strength, rogue access points, segmentation between guest and internal networks.
- Encryption & authentication review
- Rogue AP / evil-twin detection
- Guest / internal network segmentation
Deliverable
An executive summary written for leadership, a technical findings appendix with CVSS-style risk ratings and reproduction steps for your engineers, and a prioritized remediation list ranked by real-world impact.
Know your maturity level before an incident forces the question.
A structured gap assessment measuring your current program against recognized control frameworks — not a generic checklist, a control-by-control review with evidence.
NIST Cybersecurity Framework (CSF)
Evaluation across the CSF functions — Govern, Identify, Protect, Detect, Respond, Recover — to produce a current-state and target-state maturity picture.
CIS Critical Security Controls
Control-by-control review against the CIS Controls, prioritized by Implementation Group (IG1–IG3) so smaller organizations aren't handed an enterprise-scale to-do list.
Deliverable
A maturity scorecard, a gap list mapped to the framework's specific controls, and a prioritized remediation roadmap sequenced by risk reduction and effort.
Walk into your official audit with the gaps already closed.
These are readiness assessments — they prepare you for a formal audit or certification, they are not the certification itself. Formal SOC 2 reports are issued only by a licensed CPA firm, and CMMC certification is issued only by an accredited C3PAO. CyberOne Assurance's role is to find and help close the gaps before you engage with either.
SOC 2 Gap Assessment
Review against the Trust Services Criteria relevant to your scope (typically Security, and where applicable Availability, Confidentiality, or Privacy) to flag gaps before your formal SOC 2 audit.
CMMC Readiness Assessment
Gap review against the applicable CMMC level's practice requirements for organizations handling FCI/CUI, ahead of a formal C3PAO assessment.
HIPAA Security Rule Review
Assessment of administrative, physical, and technical safeguards required under the HIPAA Security Rule for organizations handling ePHI.
Deliverable
A control-by-control gap report mapped to the relevant framework, evidence notes, and a remediation plan sequenced so you're not scrambling in the weeks before your official audit window.
Same disciplined process, every time.
No testing begins without a signed scope of work and written authorization. That protects you, and it protects the integrity of the results.
Scoping & Authorization
Targets, boundaries, timing, and emergency contacts are defined and signed off before anything starts.
Reconnaissance
Passive and active discovery to map the real attack surface — assets, exposure, entry points.
Testing & Exploitation
Controlled exploitation attempts against the agreed scope, following the relevant methodology for that engagement type.
Analysis & Validation
Every finding is manually verified and risk-rated — no un-triaged scanner output makes it into your report.
Reporting
Executive summary plus technical detail, with reproduction steps and prioritized remediation guidance.
Retest
A follow-up validation pass once fixes are in place, to confirm the issue is actually closed.
Your strongest firewall still can't stop a convincing email.
Controlled, consent-scoped exercises that test whether security awareness training actually holds up against a real attempt.
Phishing Campaigns
Simulated phishing sent to an agreed target group, tracking click-through, credential submission, and reporting rates.
Pretext Scenarios
Scenario-based social engineering (phone/email pretexting) scoped and pre-approved with your leadership before execution.
Awareness Reporting
Aggregated, anonymized metrics on organizational susceptibility — never used to single out individual employees.
Deliverable
An awareness report with click/report rates by department (not by individual), and specific recommendations for training focus areas.