GRC Viewpoint

Netragard: HOW NETRAGARD IS REVOLUTIONISING PENETRATION TESTING

ADRIEL
DESAUTELS

Founder & CEO

“Businesses stay with Netragard because of service quality and customer care. We offer a wide range of offensive security services that are tailored to the specific needs of their businesses and we have a global team that consists of experts who are highly skilled in information security and customer service”

The journey to the founding of Netragard for Desautels had its origin in his earlier years, when his path to becoming a hacker began. “My journey as a hacker began at the age of 6 or 7, when my father bought a computer which fuelled my curiosity.” From here, Desautels said this curiosity became the driving force that motivated his desire to understand how things worked and how things can often be used for various purposes than the one initially intended. “That outside-the-box, problem-solving mindset is the foundation of how we, at Netragard, think like hackers and use that knowledge to leverage an organization’s cybersecurity. As our slogan says, ‘We protect you from people like us’.”

In 2006, after realising no penetration testing vendors were able to replicate cyber-attack techniques used by real-world threat actors, the seed for the creation of Netragard was planted in the mind of Adriel Desautels and the company’s founding team.

THE INSPIRATION

“In 2006, most penetration testing firms concentrated on fulfilling regulatory obligations that necessitated penetration testing,” said Desautels. However, in reality, many of these companies were satisfied by automated vulnerability and manual vetting – but this wasn’t enough for the Netragard Founder. He explained, “Meanwhile, actual threat actors employed a combination of skill, creativity, intelligence, and manual methods to identify and exploit the vulnerabilities in their victims’ infrastructures at an increasing rate. Therefore, organisations became frustrated because they would ‘pass’ a penetration test only to be breached shortly thereafter.”

After a number of years performing vulnerability research and helping software vendors identify and fix security issues in their products, Desautels was approached to help find a vendor that could perform a realistic attack simulation. “I quickly noticed there was nothing available that could genuinely replicate what the bad guys do,” said Desautels. To deal with the gaping market need, Netragard was born. Through its creation, the company would seek to provide high-quality, manual research-driven penetration testing services that replicate techniques used by real-world threat actors.

According to Desautels, this method of testing is the most effective way to identify vulnerabilities in an organisation’s infrastructure and provide effective recommendations to reduce the likelihood of suffering a damaging data breach. Netragard provides offensive security services tailored to help organisations identify known and novel vulnerabilities in their infrastructure, software, hardware, and proprietary technologies. The company seeks to accurately replicate the techniques, tactics and procedures used by real-world threat actors. The firm’s services including a wide range of penetration testing services, covering internal and external infrastructures, web applications, mobile software, and proprietary technology. In addition, the company also offers social engineering services including phishing, vishing, smishing and pretexting.

Desautels commented, “Our advanced services involve physically breaching a customer’s facility or building custom offensive technology. We specialise in testing at levels of threat that match or exceed those that our customers are likely to face in a real-world scenario, enabling them to take a truly effective pre-emptive approach to security. “Our wide range of customized services helps organisations identify their vulnerabilities before they can be exploited by attackers. As a result, Netragard helps companies go beyond simply meeting regulatory compliance requirements. We help them reduce the risk of data breaches, data loss and other security incidents that improves the organization’s overall security posture.”

NETRAGARD’S DIFFERENTIATORS

As for what sets Netragard apart from its competitors, Desautels underlined that his company is one of the most well-established penetration testing firms in the industry. “We understand that cybersecurity should be a business enabler, by preventing damaging security incidents – not an inhibitor, by adding additional burdens on employees.”

He highlighted how the company’s real-time dynamic testing methodology is at the heart of its penetration testing services and is derived from over a decade of experience in performing zero-day vulnerability research and exploit development. The firm’s research-based methodology facilitates the discovery of known and novel vulnerabilities in infrastructures, software, hardware and even tech that may be missed using traditional methods. “Our services are highly customizable and flexible,” said Desautels. “We meet our customers’ specific needs and goals by using purpose-built tools and innovative techniques to identify and exploit vulnerabilities in a realistic, real-world scenario. “We also strive to build long-term relationships with our customers and gain a deeper understanding of their challenges to help them achieve their goals.

Netragard helps companies strike the balance between operating and keeping the bad guys away while still operating their business efficiently. We go beyond our highly technical expertise to truly understand the needs of each business that is running behind those applications and computer systems.” Desautels continued, “By combining penetration testing & red teaming approaches, Netragard provides customers with the most comprehensive security testing possible. We help them test the effectiveness of their security controls and incident response procedures as well as identify and remediate vulnerabilities. After working with us, our clients are better able to detect and respond to incidents to prevent them from becoming damaging compromises.” “Businesses stay with Netragard because of service quality and customer care. We offer a wide range of offensive security services that are tailored to the specific needs of their businesses and we have a global team that consists of experts who are highly skilled in information security and customer service,” he continued.

THE NEED TO INVEST

When it comes to avoiding the very real threats that can be posed by hackers and threat actors in the cyber world, a key way to do this is by penetration testing. By understanding where the potential pitfalls lie, it offers the opportunity for companies to get ahead of the game. Do firms need to invest in this more? “Penetration testing helps companies proactively identify and fix security issues before they are exploited,” stressed Desautels. “The return on investment of good security is equivalent to the cost in damages of a single successful compromise. As those costly data breaches continue to make international headlines, organizations realize that it is no longer a matter of if they will be breached, but when.” Netragard’s customised approach, Desautels underlined, provides organisations with the tools to improve their established security solutions and better train employees to react to a real-life breach. “We want to make it so hard to hack your company that the bad guys will no longer waste their time, money or effort to pursue a cyberattack against your valuable assets and will move onto other targets,” he stated.

THE FUTURE OF CYBERSECURITY

With the digital world evolving, so do the potential threats that users can face in it. With new technologies providing new opportunities for threat actors to cause havoc online, where is the future of cybersecurity headed? “Cybersecurity will become so pivotal over the next decade that it will become something taught in grade school,” exclaimed Desautels. “Governments, cities, and companies will be challenged by an increasing sophistication of cyber threats, the growing use of AI and ML and the expanding attack surface created by the IoT.” “Things like quantum computing will pose new security challenges because traditional encryption methods will likely be ineffective against quantum-enabled attacks. Netragard will evolve with those threats by continuing to invest in our people, research and development capabilities and expertise in emerging technologies. Staying ahead of the real-world threat is what helps us to protect our customers from people like us.”