Kroll Penetration Testing Services

Additional Info

Company size (employees)5,000 to 9,999
Type of solutionService


Independent penetration testing is the ultimate gauge of cyber defense effectiveness. Kroll’s CREST-certified experts have unique insights into the cyber risk landscape, including the tactics, techniques and procedures (TTPs) attackers typically deploy to gain access to digital assets.

Using real-world hacker techniques, Kroll simulates attacks on an organization to identify gaps in its security. Common targets include the internet perimeter, internal and external network infrastructure, websites, databases, applications, and even your employees.

Kroll’s five-phase approach incorporates two powerful sources of insight: the front-line experience of our global team of preeminent cyber investigators and the real-time threats gleaned from sophisticated technology resources, including our patent-protected dark web tools. For organizations whose cyber maturity is advanced, Kroll also provides red teaming exercises (on a onetime or periodic basis) that focus on specific objectives and scenarios provided by your team.

At the conclusion of the penetration testing, Kroll provides substantive evidence of its findings and can recommend countermeasures to reduce a company’s risk.

Kroll recently acquired Redscan and Security Compass Advisory, extending its Pen Testing capabilities even further.

How we are different

- Kroll was named the Best Cyber Security Consultancy by the National Law Journal for the past four years. Kroll has assembled an exceptional team with a proven track record in penetration testing services.

- Senior team members have each spent decades working in cybersecurity, and our award-winning penetration testers are certified to some of the highest global industry standards, including CHECK, CREST (CCT/CRT), and SANS (GIAC).

- Our testers have diverse backgrounds in information technology, application development and cyber investigations. This experience enables them to anticipate evolving and emerging cyber threats for our clients across industries and jurisdictions