If you have not conducted an annual Penetration Test this year, we recommend making it a top priority.

Annual Penetration Testing is a mission-critical component of your cybersecurity compliance program. As an industry leader in PenTesting, everyone on the BW Cyber Services team has performed security work for the U.S. government and been granted a government security clearance.  We use the same tools and techniques as the organized crime rings and foreign entities who are actively targeting asset managers to steal your data or effect a wire fraud against you or your investors.

Talk with a Security Expert

  • This field is for validation purposes and should be left unchanged.

Why Penetration Testing is Mission Critical

On August 7, 2017, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released a risk alert (the “Risk Alert”) summarizing observations from the second round of cybersecurity sweep examinations on 75 SEC registered investment firms. Most notably, the Risk Alert states that firms would benefit from considering such elements:

Detailed cybersecurity-related instructions regarding items such as Penetration Testing, security monitoring and system auditing, access rights, and reporting – OCIE provided specific examples of how instructions were given with respect to penetration tests, security monitoring and system auditing, access rights and reporting.

Maintenance of prescriptive schedules and processes for testing data integrity and vulnerabilities – Vulnerability scans of core IT infrastructure were required with prioritized action items for any identified concerns and patch management policies.

Penetration Testing Process


Through external and internal tests, we simulate real world attacks and use the same techniques and tools as attackers to identify security vulnerabilities.


In-depth reporting will include prioritized, tactical and strategic recommendations to address internal and external issues.


Working with your IT staff or IT MSP, we ensure all vulnerabilities identified are clearly understood and agreed upon to resolve those vulnerabilities.

cyber services in action

The BW Cyber Services Pen Test

  • Satisfies regulatory testing requirements
  • Identifies security weaknesses in your networks
  • Incorporates both a Vulnerability Assessment as well as an ethical test attack simulation conducted by our team of Penetration Testing experts – both externally and internally
  • Includes a custom Phishing Test using the same attacks as criminals to effect wire fraud, email compromise and monetization of your PII
  • Included in our service is direct and ongoing interaction with your IT Support staff ensuring they fully understand the risks identified during testing and the actions they need to apply for mitigation