Penetration testing (pentesting) is the process of assessing computer systems, networks and applications to identify and address security vulnerabilities that could be exploited by cybercriminals. Keystone is a provider of cyber security penetration testing services. With the support of a dedicated expert’s team, Pentesting service will enable organizations of all sizes to effectively manage cyber security risk by identifying, ethically exploiting, and helping to remediate vulnerabilities that could lead to network, systems, applications and personnel being compromised by malicious attackers.

External Penetration Tests

Identify and exploit vulnerabilities on systems, services and applications exposed to the Intern

Internal Penetration Tests


Simulate a malicious insider or an attacker that has gained access to an end-user system, including escalating privileges, installing custom-crafted malware or exfiltrating faux critical data.

Web Application Assessments

Comprehensively assess web or mobile applications for vulnerabilities that can lead to unauthorized access or data exposure

Mobile Device Assessments

Comprehensively assess the security of mobile devices and installed applications

Social Engineering

Assess the security awareness and general security controls with respect to human manipulation, including email, phone calls, media drops and physical access

Wireless Technology Assessments

Assess the security of your deployed wireless solution (e.g., 802.x, Bluetooth, Zigbee, etc.) Understand how secure data in transit and systems communicating via wireless technology actually are.

Embedded Device Internet of Things (IoT) Assessments

Assess the security of your device by attempting to exploit the embedded firmware, control the device by passing or injecting unsolicited malicious commands, or modify data sent from the device. Understand the security of devices and the ability to guarantee that the commands issued to and information received from the device are legitimate

ICS Penetration Tests

Combine penetration testing and exploitation experience with ICS expert knowledge to prove the extent an attacker can access, exploit or otherwise manipulate critical ICS/SCADA systems the benefit for a company is to understand the vulnerabilities in an ICS environment before an attacker exploits them