Manual Penetration Testing · Finger Lakes, NY

What scanners miss
attackers find. We go deeper than the surface.

Most "penetration tests" are automated scans with a logo on top. We do something different — manual, attacker-led testing by a practitioner whose certification was itself a live 5 day engagement. We find what a real adversary would find.

Request a Free Scope Call See Our Services

What We Do

Security testing that goes
beneath the surface

Every service we deliver is manual, attacker-methodology driven, and produced by the same certified practitioner you speak with before signing. No junior analysts. No outsourced labor. No automated scan dressed up as a pentest.

01 · External Network

External Network Penetration Test

We attempt to breach your perimeter from the outside — mapping your attack surface, probing exposed services, chaining vulnerabilities, and escalating access the way an attacker would. Not what a scanner says is exploitable. What actually is.

02 · Web Application

Web Application Pentest

Manual OWASP Top 10 testing across your web applications — authentication bypasses, injection flaws, IDOR, SSRF, broken access controls, API enumeration. Patient portals, payment pages, and SaaS platforms all carry unique risks we know how to find.

03 · Internal Network

Internal Network Assessment

Assuming perimeter breach, we assess what an attacker can reach inside your network. Active Directory enumeration, Kerberoasting, lateral movement paths, privilege escalation to domain admin. This is where most incidents become catastrophic.

04 · Breach Simulation

Full Breach Simulation

External + internal combined into a single cohesive engagement. We attack your organization the way an APT would — in stages, with persistence, chaining findings across boundaries. This is the closest thing to a real attack you can authorize.

05 · Compliance Gap

Compliance Gap Assessment

HIPAA, PCI-DSS v4.0, SOC 2 Type II, and NIST CSF — mapped control-by-control against your current posture. We identify what you're missing, what's partially implemented, and what your auditor or insurer will scrutinize. Documentation ready to hand your broker.

06 · Social Engineering

Social Engineering Assessment

Authorized phishing simulations, vishing campaigns, and physical pretexting to measure your team's susceptibility. Because the best firewall in the world doesn't protect against a convincing phone call or a well-crafted email.

Why Finger Lakes Information Security

Three things that
set us apart

Practical Over Theoretical

Our lead practitioner holds the PNPT — a 5 day live penetration test used as an exam, followed by a 48-hour professional report. Not a multiple-choice test. The same format we use on every client engagement. That's not a credential. It's documented proof we can do the work.

Insurance-Ready Documentation

Every engagement produces four documents built for four audiences: the technical team, the compliance officer, the board, and the underwriter. When your cyber broker asks for pentest documentation at renewal, you hand them exactly what they're looking for — formatted for their requirements, not just yours.

Founder-Led, Always

You work directly with the practitioner conducting your test. No sales rep who hands you off. No junior analyst on the actual engagement. When you have a question about a finding at 8pm, the person who found it answers. Large firms can't say that. We can.

"Most scans see the surface of the lake.
We're the ones who dive."

Cyber Insurance

Your broker is going to
ask for this.

Cyber insurers are tightening requirements. Many now require third-party penetration test documentation before binding policies or renewing coverage. The question isn't whether to get a pentest — it's whether you have the documentation before the deadline.

60%+ of insurers now require pentest documentation for policies above $1M
Undocumented control gaps trigger exclusions and reduced claim payouts
Our executive summary is formatted for direct broker submission
Documentation valid for 12 months of insurer requirements

$108k

Average SMB breach cost (IBM/Ponemon)

60%+

Insurers requiring third-party pentest docs

28%

Average premium increase — lower with documented controls

Documents per engagement — exec summary, tech report, compliance gap, remediation tracker

Compliance Coverage

One engagement.
Every framework your auditor checks.

Every engagement maps findings to the compliance frameworks your industry requires. No additional engagement needed. One test, four reports, complete audit trail.

HIPAA

Health Insurance Portability & Accountability Act

Every finding mapped to §164.312 technical safeguards and §164.308 administrative requirements. Formatted for OCR audit readiness and cyber insurer submission.

Healthcare

PCI-DSS v4.0

Payment Card Industry Data Security Standard

Requirement 11.4 mandates annual penetration testing of cardholder data environments. Our report maps every finding to specific v4.0 controls your QSA expects.

Finance · Retail

SOC 2

System & Organization Controls Type II

CC6.x and CC7.x common criteria directly reference security testing evidence. Our findings and methodology documentation give your auditors what they need.

SaaS · Tech

NIST CSF

Cybersecurity Framework 2.0

Identify, Protect, Detect, Respond, Recover — our gap analysis maps control failures to function categories, giving you a prioritized roadmap your board can act on.

All Industries

How We Work

The engagement
from first call to final report

Discovery

Scoping & Authorization

We start with a 30-minute discovery call to understand your environment, compliance requirements, and risk priorities. You receive a written scope document and engagement contract before a single packet is sent. Nothing happens without explicit written authorization.

Intelligence

Reconnaissance & Attack Surface Mapping

Open-source intelligence gathering, DNS enumeration, certificate transparency logs, exposed credential searches, technology fingerprinting. We build the same picture an attacker builds before they act — so we can find what they'd find.

Exploitation

Manual Exploitation & Privilege Escalation

Manual vulnerability exploitation, not automated scanner execution. We chain findings the way attackers do — an exposed service leads to initial access, misconfigured permissions lead to lateral movement, weak credentials lead to domain compromise. Every step documented in real time.

Post-Exploitation

Impact Assessment & Evidence Collection

We demonstrate impact — what an attacker could have accessed, exfiltrated, or destroyed had they not been an authorized tester. Screenshots, proof-of-concept evidence, and impact statements that make the risk real to non-technical stakeholders.

Delivery

Report Delivery & Debrief

Four documents: executive summary with risk dashboard, technical findings report with CVSS scores and remediation guidance, compliance gap analysis, and prioritized remediation tracker. Plus a live debrief walkthrough — we explain every finding to whoever needs to understand it.

Ready to find out
what's beneath the surface?

Start with a free 30-minute scope call. We'll tell you exactly what an engagement would look like for your environment, what it costs, and what you'll walk away with. No obligation.

Schedule a Free Scope Call Email Us

· (315)563-3962 · hello@fingerlakesinfosec.com · Finger Lakes, NY ·

What scanners miss attackers find. We go deeper than the surface.

Security testing that goesbeneath the surface

Three things thatset us apart

Your broker is going toask for this.

One engagement.Every framework your auditor checks.

The engagementfrom first call to final report