History of Success

Emerging Defense has performed penetration assessments for hundreds of clients across multiple industries and topologies. We specialize in external, internal, WAN, wireless, and mobile penetration assessments and have leveraged these skills holistically to demonstrate business impact and risk in a controlled, safe manner.

Automated Assessment vs. Penetration Testing

Emerging Defense strongly believes that automated assessments and automated assessment tools serve a limited purpose and are not intended to and should never be used as a replacement for a comprehensive manual penetration assessment. Attackers behind data breaches today do not rely on the use of automated vulnerability and attack tools—why should you?

Our Position
  • Automated assessments operate in isolation and are unable to think outside the box.
  • No automated assessment  is capable of iteratively exploiting vulnerabilities in concert to achieve a high-value vulnerability.
  • No business impact of exploitation is factored during an automated analysis.
  • Automated tools are incapable of assigning a vulnerability risk rating applicable to and in terms of an organization’s unique business.

Request a Call Today

  99% Manual Testing

Manual testing is the process of mirroring a true threat by approaching a target in a focused manner that leverages the human element for analysis and exploitation. Manual testing is performed with context of a target environment due to reconnaissance, research, and experience. Tasks are performed adaptively by using specific actions or tools in response to newly acquired data. The human element enables a practitioner to intelligently react and prioritize vulnerabilities during an assessment to ensure that the greatest enterprise risks are identified as fast as possible.

Real Attacker Capabilities

This approach is composed of human analysis and custom tools driven by experience and research to ensure that common, complex, and client-specific vulnerabilities are identified. Manual testing closely resembles the capabilities of a true targeted attack without the risk of impact or downtime associated with automated testing or inexperienced practitioners.

  • Manual testing enables the chaining of vulnerabilities that may not, in isolation, present a risk to the organization.
  • Manual testing leverages threat intelligence and underground tactics not readily available to automated tool vendors but nonetheless used by black hats.
  • Emerging Defense breach investigation experience indicates that automated vulnerability scanning is not effective at preventing a data breach.
  • Internal assessment statistics show that 92% of all critical enterprise-grade vulnerabilities identified by Emerging Defense would not have been identified through automated assessment or automated tools.

  1% Automation

Automated forms of penetration testing generally involve the execution of a “push button” tool that holistically attempts to analyze a target without context or business requirement consideration. Designed to be used by IT staff, these tools report vulnerabilities in a generic and universal manner.

Restricted Usage

The Emerging Defense methodology will only employ automated tools on request. All automated tools executed by the assessment team are authorized by Emerging Defense through internal review to minimize risk of execution.

Does this mean your assessments are expensive?

Many of our customers debate whether the added cost of manual testing provides enough value over a potentially cheaper, automated assessment. Our threat profiling and assessment tailoring for an organization's unique business provides a focused approach which actually reduces the overall cost. The Emerging Defense assessment methodology quickly guides practitioners toward priority exposures that matter the most to an organization, saving time and money while maintaining the ability to identify exposures.

View Our Detailed Methodology

Tools & Technique

Because of the proprietary nature, codebase size, and regular updates, it is impossible for a practitioner to assure a client that they are completely aware of all actions performed by an automated vulnerability scanning tool. In most cases, a practitioner has no idea what the tool may or may not be doing under the hood.

No tools, No Problem

Emerging Defense does not rely on commercial tools to fulfill our objectives. Our controlled activities and business-considerate model allow practitioners to sit down with client IT personnel and describe in depth what our steps, procedures, and actions will be and when they will occur.

Formal Review
A large portion of our tool set is composed of internally developed tools, custom scripts, and pure human analysis. Any third-party tools leveraged by our practitioners are subject to the Emerging Defense formal review process. Our approval process includes

  • a network footprint analysis to determine all network traffic sent and received,
  • limited binary analysis of the tool to ensure no backdoors, and
  • a documented list of approved tool functionality /actions for practitioner use.

In most circumstances, approved tool use cases are restricted to a subset of a tool’s full functionality. This is necessary to ensure that we completely understand the consequences and can accurately predict the outcome of executing a third-party tool.

  Threat Intelligence

Emerging Defense funds internal attack and vulnerability research. Our approach provides protection for our customers against known threats today and new and upcoming threats tomorrow. As a result of our initiative, we have identified multiple critical zero-day  (0 day) vulnerabilities in vendor products used to protect our customers. In most cases, reported  vulnerabilities resulted in complete compromise. Emerging Defense believes that continuous research is the key to staying ahead of today’s attacks and delivering current and meaningful service offering results.

Emerging Defense has discovered and disclosed high profile vendor product vulnerabilities:


  Defined Risk and Predictability

The execution of a penetration assessment by inexperienced practitioners without a structured methodology can result in disruption to a target environment and operational downtime.

Low Risk by Design

Emerging Defense understands this concern which is why we designed our methodology to include mandatory check points that require client approval prior to any medium or high risk activity.

Additionally, environment-specific knowledge gained through Emerging Defense target profiling and applicable threat identification reduces risk through the reduction of unnecessary assessment tasks. Emerging Defense's devotion to risk management is proven through our manual testing mandate. Our manual testing is comprised of such defined and controlled covert activities that they can often double as a test exercise for client security monitoring systems designed to detect a real attack.

View Our Detailed Methodology
View Service Offering Details >

Our Value

latest tweets @EmergingDefense

2 days ago Shadowbrokers released passphrase to decrypt equation group files https://github.com/x0rz/EQGRP

5 days ago Solaris rpc.cmsd remote root exploit (TAO's EASYSTREET) #0day #zeroday http://bit.ly/2ojN1x1

9 days ago This particular feature is also done within Office VBA and no external WMI, PowerShell, or Win32 API calls. http://bit.ly/2oNGxHB

Follow Us >

newsletter signup

Sign up for our newsletter