Penetration Testing

Why Do You Need Pen Testing?

Services Available With Cyberleaf

Vulnerability Scans

This process provides internal or external scanning of endpoints and is offered as a single engagement, managed monthly/quarterly/bi-monthly service, or as a part of a penetration test package.


Internal/External Network Testing

We simulate real-world attacks to provide a point-in-time assessment of vulnerabilities and threats to your network infrastructure. While many competitors usually perform a vulnerability scan and validate those findings against individual endpoints, we test your network wholistically. We combine techniques of penetration testing and red teaming to give you an attacker’s perspective of your entire network. 

Web Application Testing

As a foundation for our web application assessment, our testing methodology utilizes the following: Open-Source Security Testing Methodology Manual (OSSTMM), Penetration Testing Execution Standard (PTES), Open Web Application Security Project (OWASP), just to name a few. This can include APIs and infrastructure as well. 


Mobile Device & Application Testing

Just like with web application testing, this process utilizes the following: Open-Source Security Testing Methodology Manual (OSSTMM), Penetration Testing Execution Standard (PTES), and Open Web Application Security Project (OWASP) methodologies to thoroughly assess the security of mobile applications.


IoT & Internet-Aware Device Testing

Internet-aware devices span from everyday household appliances, thermostats, commercial Internet of Things (IoT) devices and systems, to automotive, healthcare, and mission critical Industrial Control Systems (ICS). We don’t limit ourselves to just the devices themselves, we consider the entire ecosystem of the target, covering areas such as communication channels and protocols, encryption and cryptography use, interfaces and APIs, firmware, hardware, and other critical areas. 


Social Engineering Testing

It’s not a matter of if you will be a victim of social engineering, it’s when. We can help train your organization to understand, and detect human and electronic based social engineering attacks.  Human-based attacks consist of impersonating a trusted individual to gain information or access to information and the client infrastructure. Electronic-based attacks consist of using complex phishing attacks crafted with specific organizational goals and rigor in mind. This service can be incorporated into a penetration test or can be utilized individually to help improve overall organizational training. 


Red Team Attack Simulations

Want to know how prepared your organization’s defense, detection, and response capabilities are? Do they actually work as designed? Let us help you with developing a customized attack execution model to properly emulate the threats your organization faces. The simulation includes real-world adversarial behaviors and tactics, techniques, and procedures (TTPs), allowing you to measure your security program’s true effectiveness when faced with persistent and determined attackers.

Wireless Network Testing

Using methodologies previously described, we test your wireless capabilities to not only detect an attack, but what would happen if someone were to gain access to your wireless network. Is it properly segmented? Is there any protection from outside devices? Let us help you find out. 


People, Process & Technology (PPT) Validation

At the heart of every successful penetration test lies the seamless integration of people, process, and technology testing. Our team of skilled, certified professionals leverage their expertise to simulate real-world cyberattacks, ensuring your organization's security posture remains resilient. Our process begins by understanding your unique business environment, allowing us to tailor our approach to your specific needs. With rigorous testing methodologies, we meticulously identify vulnerabilities, test for exploits, and assess the effectiveness of your defense mechanisms.


Compliance Validation

Our team of seasoned professionals possess deep knowledge and understanding of regulatory frameworks, ensuring your organization remains compliant with industry standards and regulations. Our process begins by conducting a comprehensive analysis of your compliance requirements and tailoring our testing methodologies to address specific mandates. With rigorous assessments, we meticulously examine your systems, networks, and applications to identify any gaps or vulnerabilities that may pose compliance risks. 


Why Choose Cyberleaf?

  • Access to an arsenal of cutting-edge technology
  • Utilize your existing staff with expert-led training
  • Fortify your security infrastructure
  • Safeguard your sensitive data
  • Maintain the trust of your stakeholders

Along with 15+ years of combined experience, 

our testers possess certifications in

OSCP, CRTO, CPTE & CDRE... just to name a few.

Stop Attacks Before

They Happen.

Jonathan Meyn

Director of Channel Sales

Jonathan is responsible for the Channel Strategy at Cyberleaf. He has over 10 years of experience in various technology solutions sales leadership roles. He has driven cybersecurity strategy and growth within the nation’s leading managed service providers.

Jonathan has a Communications Degree from Pennsylvania State University.

Brant Feldman


Brant served in Naval Special Warfare for 11 years.  He separated as a Lieutenant Commander having served at SEAL Team TWO, SEAL Team FOUR, and SEAL Team SIX.  Following his Naval service, Brant joined ADS in 2008 and was ultimately promoted to Chief Sales Officer, where he directed all sales, supplier, and marketing efforts.  His team was comprised of over 200 sales professionals who drove $3.2B in annual sales.  In 2022, Brant left ADS to pursue opportunities in Private Equity.

Brant has a Juris Doctorate from the University of Virginia School of Law, an Executive MBA from the Darden School of Business and degrees in Economics and Government from the University of Virginia.

Will Sendall


Will served as Chief Financial Officer to various private equity and VC backed high growth technology companies where he managed the financial and operational functions.  Will has also successfully executed multiple debt and equity fundraising processes and led both buy and sell sides of M&A processes.

Will has a MBA from the University of North Carolina – Chapel Hill and a degree in Accounting from Appalachian State University. 

Marshall Howard

Executive Vice President

Marshall is responsible for engineering and project management for Waterleaf. He has over 20 years executive experience across startup operations and Fortune 500 companies in multiple areas including Operations, Engineering, and Technology Implementation, Business Planning/Budgeting, Finance/M&A, Revenue Assurance, and Regulatory Affairs.

Previously Marshall served as a Vice President at T3 Communications, Inc., a Fort Myers, FL based CLEC and managed services provider. Prior to joining T3, Marshall served as VP of Network Technology and Business Development at Cleartel Communications (now part of Birch Communications) where he played a major role in the acquisition and integration of three other CLECs.

Marshall earned a BS in Physics from Rhodes College, a MSEE from Vanderbilt University, an MBA from Southern Methodist University and completed post-graduate work in Finance and Economics at Vanderbilt University. In addition, he has earned a Project Management Professional (PMP) certification.

David Levitan


David has over 30 years of experience as a telecommunications industry executive, leading technology and services organizations that have designed, built, and maintained fiber and wireless infrastructure across the US and internationally. He has extensive development, product marketing and general management experience operating independent, sponsor-backed, and publicly traded companies.

David’s previous experience includes executive leadership roles in start-up and publicly traded companies. As President of C-COR Network Services, he drove over 30% sales growth through a team of 400 employees delivering network infrastructure services for broadband operators, while also serving as an officer of parent company C-COR, Inc. At Scientific-Atlanta, Inc David held a progression of leadership and executive positions as the broadband division grew from ~$100 million to over $1.5 billion in annual sales. During his tenure he held product management, strategic planning, and general management roles, including overseeing the rapid growth of the company’s largest business unit, and establishing and scaling a unit delivering domestic and international professional services. As Vice President of CableMatrix, David also helped raise $5 million in series A venture funding for a policy management software startup.

David completed his undergraduate work at Cornell University with a BA in Economics and holds an MBA from the Harvard Graduate School of Business. 

Adam Sewall


Adam has been a successful senior executive and entrepreneur in the telecomm industry for more than 20 years. Adam has demonstrated success in complex technology deployments, as well as strategic planning, corporate development M&A, business development, operations, and general management. This experience also includes several significant liquidity events for shareholders.

Adam has had significant experience in the design, deployment, and operation of fiber, cellular, point-to-point and other communications networks in the US, Asia and SE Asia. Included in these deployments are AMPS, GSM, CDMA/TDMA, spread spectrum, Wi-Max/Wi-Fi and various Metro and long-haul fiber networks.

Prior to Waterleaf Adam was the President and CEO of T3 Communications Inc. a next generation CLEC based in Florida. He has also held executive management positions in operations, strategic planning and corporate development at T-Mobile and Verizon Wireless.

Adam’s technical background includes work in RF engineering, SDR, mobile s/w development, hardware engineering and telecommunications architecture. His project management and operations background include certifications in project management, GSM/PCS, numerous telecom standards and the successful integration of complex infrastructure as well as global deployments of software and communications networks.

He holds a BS Degree from SUNY and has completed graduate studies in engineering, finance, mathematics and economics at Stevens Institute, Columbia and Pace Universities.