Vulnerability scanning

GuardsArm Inc helped us pinpoint the right assets to monitor and optimized our systems for the best results. Now, we only receive notifications for genuine threats, allowing my team to focus more on their core objectives.

We’ve been working with GuardsArm Inc for several years now for our quarterly vulnerability assessments. While our usual policy is to change vendors every few years, the exceptional service we've received from GuardsArm Inc has made us want to continue. The reports we get are thorough and offer clear, prioritized remediation advice.

GuardsArm Inc performed a web application penetration test on several of our edge applications and uncovered numerous configuration vulnerabilities, including insecure direct object reference (IDOR). They alerted us right away and provided guidance on how to address the issue. Their expert engineers gave step-by-step support and retested to ensure the critical vulnerability was resolved.

Wi-Fi security can be tricky, but we turned to GuardsArm Inc to test the wireless networks we provide for employees and customers to access store services. Their team came onsite, set up a specialized "toolkit" with antennas all around, and successfully created a rogue access point that mimicked ours. Users unknowingly connected to it. GuardsArm Inc then conducted an evil twin attack, capturing and injecting data into the network stream between user devices and other systems. They provided detailed findings, helping us educate our users and improve our security practices.

GuardsArm Inc conducted an external penetration test on our networks and flagged critical vulnerabilities. They kept us informed about potential responses from the host before attempting any exploits. We received updates twice a day, which was incredibly helpful for me and my team. Additionally, they provided excellent remediation guidance, enabling us to address vulnerabilities swiftly and effectively.

Our company outsources web development, and we asked GuardsArm Inc to review the source code for insecure API calls. The findings they uncovered were eye-opening. It was unsettling to realize that the web developer we hired had left so many security flaws in our code. I can't emphasize enough how reassuring it was to have the GuardsArm Inc team provide clear recommendations for us—and our partner—to fix the issues in our source code.

GuardsArm Inc ran a simulated phishing campaign targeting our employees by mimicking a payroll website we use in the company. Their engineers successfully captured several IT administrators' credentials. With domain administrator access, they were able to compromise our entire domain within just 20 minutes. This experience gave us the chance to demonstrate to leadership the urgent need for stronger user account practices, multi-factor authentication (MFA), enhanced user security awareness training, and the importance of allocating funds for these initiatives in our annual IT security budget.

GuardsArm Inc conducted an internal penetration test using one of our legacy network protocols. They successfully gained administrative access and deployed malicious code within our network. If this had been a real attack, we could have faced devastating consequences.

GuardsArm Inc's assessments give us clear visibility into our third-party risk exposure. With over 40 vendors, we lack the internal resources to conduct annual assessments for each one. The valuable insights they provide help guide our decisions when selecting and managing partnerships.

GuardsArm Inc has been a key partner in supporting our SOC operations. Without their flexibility, expertise, and rapid response, our small SOC team wouldn't be able to function effectively. They consistently engage with us at both the operational and executive levels, always seeking innovative solutions. Not only do they think outside the box, but they also deliver results.