802.753.0107
info@kso-solutions.com
Our Company
KSO Solutions is a veteran owned cyber security consultancy that specializes in offensive cyber engagements. We are a small group of engineers that work closely with our clients to identify vulnerabilities and misconfigurations and provide detailed recommendations to improve the overall security of their business.
About Us
KSO Solutions is a boutique cybersecurity firm that provides high quality penetration testing services to its clients from US-Based consultants with experience from the world's leading cybersecurity companies at a fraction of the price.
KSO Solutions consultants have delivered hundreds of penetration tests for Fortune 500 companies while working at the largest cybersecurity consulting firms in the world. KSO Solutions consultants currently lead Red Team Operations, or are senior members of Red Teams for multiple Fortune 500 companies.
Contact Us To Learn MoreOur Services
KSO Solutions offers a wide array of testing services with the most common services listed below. KSO Solutions also performs other types of assessments not listed, such as black-box Red Team Assessments, Physical Security Assessments, and Vulnerability Remediation Testing.
External Penetration Test
Assesses Customer's Internet accessible systems, services, and applications for security weaknesses that can be used by attackers to perform malicious actions. KSO Solutions will attempt to authenticate to publicly accessible Customer portals using password guessing attacks within the defined scope.
Internal Penetration Test
Assesses the susceptibility of Customer's internal environment to an unprivileged user, or an attacker who gains access to Customer's environment. Aims to identify misconfigurations and vulnerabilities that can be used by attackers to move laterally and escalate privileges to accomplish a set of pre-defined goals.
Web Application Assessment
Aims to identify security weaknesses in Customer web application(s) through external testing. Testing is performed from the perspective of an unauthenticated, and authenticated user at varying roles as appropriate to the application.
API Assessment
Aims to identify security weaknesses in Customer Application Programming Interfaces (APIs) through external testing. Testing is performed from the perspective of an unauthenticated, and authenticated user at varying roles as appropriate to the application.
Social Engineering Assessment
Evaluates employee security awareness, policies, procedures, and technical controls intended to stop attackers from obtaining access to Customer networks. Attack vectors can include emails, phone calls, Short Messaging Service (SMS) to social engineer Customer personnel to complete target objectives.
Ransomware Readiness Assessment
Assesses the Customer's internal network to highlight strengths and weaknesses of Customer's security controls as it relates to ransomware behavior. Simulates the capabilities of ransomware actors and the worming and encryption capabilities of ransomware in Customer's environment.
Thick Client Assessment
Aims to identify security weaknesses in a Customer's desktop application and associated systems like backend databases and APIs. Testing is performed from the perspective of an unauthenticated, and authenticated user at varying roles as appropriate to the application.
Internal Network Vulnerability Assessment
Aims to identify known vulnerabilities using commercial vulnerability scanning tools. KSO Solutions manually verifies findings identified by scanning tools to eliminate false positives from the results.
Network Segmentation Assessment
Assesses the communication capabilities between less secure networks and sensitive networks such as those containing sensitive data like card holder data (CHD). Tests both ingress and egress to/from a sensitive network to a less secure network to identify misconfigurations.
Our Team
Our consultants have a wide breadth of experience across Offensive Red Team operations as well as Blue Team operations, and software development. Our consultants have experience delivering penetration tests to Fortune 500 companies while working at the world's best cybersecurity companies.
Some of the certifications our consultants hold are as follows:
CISSP, OSCP, OSEP, GPEN, GWAPT, GXPN, GCPN, OSWA, OSWE, GREM, OSMR, GCIH, GCNA, GCFA, GCTI
Jon Milkins
Jon is the Founder and Lead Consultant for KSO Solutions. He has a wide range of experience in cybersecurity from traditional SOC work, detection engineering, security research, and offensive security. He is currently working as the Red Team Operations Service Line lead for a Fortune 20 company performing all manner of penetration tests and black box red team assessments.
Sam C
Sam's experience is similar to Jon's in that it spans both offensive and defensive roles. He currently works as the Penetration Testing Lead at a Fortune 500 company. He is the cloud penetration testing expert for KSO Solutions and is a SANS TA for the SEC588 Cloud Penetration Testing and SANS560 Enterprise Penetration Testing courses.
Will N
Will currently works as a Principal Penetration Tester for a Fortune 500 company after being a Senior Red Team Consultant for several years delivering all types of penetration tests and black box red team assessments for Fortune 500 companies.
Contact Us
If you are interested in our services, or want a service that is not listed please reach out using the form below. We can schedule a call and discuss the services that you are interested in.