We are a sophisticated adversary.

Silent Break Security is a leading provider of penetration testing and information security consulting services. It may feel like it, but you’re not defending against auditors. You’re defending against intelligent, persistent cyber adversaries that know how to covertly bypass the latest in defensive technologies. You need a partner that can simulate that level of sophistication to help you better defend against real-world threats.

What makes Silent Break Security different?

Silent Break Security sets the bar for quality, customer service, and professionalism. From compliance to sophisticated adversary simulations to collaborative assessments to custom red team tool-kits and training, the approach is customized best help your organization progress in security maturity. New clients are encouraged to reach out to previous and current clients to hear their experience. Silent Break Security's expertise, reputation, and quality of service is truly unmatched.

 
$5,000+
 
$200 - $300 / hr
 
10 - 49
 Founded
2011
Show all +
Lehi, UT
headquarters
  • Lehi, UT
    United States

Reviews

Sort by

Penetration Testing for Auto Company

"They helped us look at things differently and showed us how a potential hacker thinks."

Quality: 
4.5
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Confidential
 
2016 - Ongoing
Project summary: 

Silent Break Security does penetration testing for a trucking company. They focused on specific IP ranges, making recommendations after periodic, collaborative penetration efforts.

The Reviewer
 
10,001+ Employees
 
United States
CISO, Automotive Enterprise
 
Verified
The Review
Feedback summary: 

Some of Silent Break Security’s suggestions took minimal effort but yielded major improvements to cybersecurity. They explained all their methodology, and they found ways to move the business forward while reducing risk.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

We are a global manufacturer of commercial vehicles. I’m the chief information security officer.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Silent Break Security?

We were looking for a firm to do penetration testing across our global environment, at a reasonable price that could also help train us along the way, with the overall goal of enhancing our security.

SOLUTION

What was the scope of their involvement?

They were to look at our entire corporate network and identify potential entry points through the use of tools and manual activities. They were to stop short of anything that could disrupt our manufacturing facilities or normal day-to-day operations. They used custom tooling along with tools readily available on the web. They worked hard to meet our needs.

For us, they have done mainly informed penetration testing. We provided them IP ranges they could go after, and ones they needed to avoid, to ensure we didn’t have any business disruptions. We provided them some basic account credentials for onsite and remote access. They also focused heavily on phishing for their initial point of entry. We were more concerned about what they could do once they were on the network then whether they could actually gain access. 

At the end of their tests, they provide a final report with recommendations for changes. We have typically implemented most of their suggestions relatively quickly. We have them return about a year later to validate work done and look for new potential exploits. They have been impressed by how much we were able to achieve between their visits.

In our last test, we had to reduce some of our controls to allow them access for their tools to run, as we blocked most of their initial penetration techniques. As noted, we are more interested in what a hacker could do after breaking through our barriers, than can get through. A determined hacker can always find a way in.

What is the team composition?

For each of the collaborative tests, they sent two people to our site. We worked with those individuals directly.  At times, they would coordinate with some of their remote colleagues for assistance.

How did you come to work with Silent Break Security?

I first engaged them for a project about three years ago and we have continued to approach them for their services. We initially selected them as penetration specialists and since then have used their collaborative pen test offering to help train our employees. Their prices were competitive, and we feel they have provided value to us.

What is the status of this engagement?

We began working together in 2016, and the partnership is ongoing.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

We’ve had many quick wins, that were relatively easy changes, that helped enhance our security.

How did Silent Break Security perform from a project management standpoint?

They coordinated with us well upfront to ensure they could hit the ground running. They provided solid technical leaders, who could also manage each engagement and ensure the time spent was where it provided the most value. They also did a good job of balancing the attacks with the training to ensure the team learned.

Their management summary reports didn’t always hit the mark for our company. We needed to work with them on verbiage to ensure the message was at the appropriate level for our senior management teams and that it was clear on some of the actionable things we could do, but without going to deep technically. They worked well with us on this, but it did take a few go-rounds to get there. Probably would have been the same with any company we worked with.

What did you find most impressive about them?

Their collaborative penetration tests really stand out. They brought people onsite to explain their process, and our team learned a lot from them. They helped us look at things differently and showed us how a potential hacker thinks.

Are there any areas they could improve?

I can’t think of any improvements off the top of my head.

Do you have any advice for potential customers?

Provide as much clarity as you can on your objectives. We were very clear about what they could and could not test, which ensured minimum to no disruption to daily operations.

4.5
Overall Score They’re good technicians and strong communicators. The more time they have to plan, the faster they start projects.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    There were no issues with their ability to meet deadlines.
  • 5.0 Cost
    Value / within estimates
  • 4.5 Quality
    Service & deliverables
    Their quality is good, though they can still improve the language they use for the executive level.
  • 5.0 NPS
    Willing to refer
    I already recommend them.

Threat Simulation for Financial Services Firm

"Their attention to detail is great, but the true differentiating factor is the customer service." 

Quality: 
5.0
Schedule: 
5.0
Cost: 
4.0
Willing to refer: 
5.0
The Project
 
$50,000 to $199,999
 
Nov. 2017 - Feb. 2018
Project summary: 

Silent Break Security provided penetration testing to identify security risks and assess response time. They performed both black- and grey-box tests and delivered reports outlining their findings.

The Reviewer
 
1,001-5,000 Employees
 
Iowa
IT Security Operations Manager, Financial Firm
 
Verified
The Review
Feedback summary: 

Security holes were identified and filled thanks to Silent Break Security’s reporting, post-fix evaluation, and unique warranty period. Responsive and proactive, they adhered strictly to deadlines, yet were patient with necessary technical delays. Customers can expect a deeply involved partner.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

I’m the manager of the security operations center of a fixed annuities company. I’m in charge of vulnerability analysis, incident response, and security patching.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Silent Break Security?

We run both internal and external penetration tests on an annual basis, and we’ve always ascribed to the notion of changing external penetration testing companies on a semi-regular basis. This can be 2–3 years, depending on what we’re doing. Bringing in new partners introduces us to new methodologies for finding vulnerabilities and attacking systems.

SOLUTION

What was the scope of their involvement?

We spoke briefly to discuss our needs and determine the targets they’d be attacking. Then, after agreeing on a statement of work including a timeframe, expected outputs, and warranty period length (not many vendors provide this), we articulated rules of engagement.

They started with black-box tests to test our current security and response to their intrusions. I was largely out of the loop as to when the tests would occur, so as not to be biased, but I knew a general period (within two months). We caught their attacks multiple times and asked them to pivot to a gray-box approach. In this situation, we gave them access to our environment to understand what would happen if someone did break in. We logged what we saw during that process and confirmed our findings with them. They let us know what we did and didn’t spot and what they actually did, so we could remedy our weaknesses.

What is the team composition?

I worked with their account manager on any issues, but I’m not sure how many people worked for us. Two Silent Break resources handled the attack phase, and we communicated with them via an internet portal. The tool let us upload details of the engagement and made communication easy.

How did you come to work with Silent Break Security?

My boss recommended them after speaking with them at a conference. We considered several other companies, including one we’d used in our last round of testing, but Silent Break’s caliber of reporting won me over. I appreciated their recommendations for fixes, as well as their data’s readability.

How much have you invested with them?

We spent $50,000–$100,000.

What is the status of this engagement?

We worked together from November 2017 until January 2018. We did a second test in February 2019, and we plan to work with them again later this year.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

Silent Break’s findings were always easy to follow, and we made the changes they recommended. While they had a huge impact, it's difficult to pinpoint because we're measuring it against what might have happened had we not plugged those holes.

During the actual tests, we were able to execute our internet response plan and investigate how my team would respond to a real attack. We’d spent a lot of time revamping our internet response time over the past 18 months, and it was beneficial to see the effectiveness of those efforts. 

How did Silent Break Security perform from a project management standpoint?

Silent Break was very responsive to emails, and they kept us on target. We were running multiple projects, making it easy to get sidetracked, but it was refreshing to be pushed to meet our goals. Once the tests began, it was easy to get a hold of Silent Break and ask if they were behind the suspicious activity we were observing.

Their reports were thorough and came on time. A proper penetration test can yield a lot of results, and it can take a while to go through them. Silent Break was easy to work with after the testing was done, confirming some of their findings and validating that we fixed any issues.

What did you find most impressive about them?

Their attention to detail is great, but the true differentiating factor is the customer service. I’ve called Silent Break multiple times, and someone I know and who was aware of our project always answers it. Right before we started, we upgraded our app to a new platform, and Silent Break agreed to push the date multiple times. This stretched into a new calendar year, and they were well within their rights to back out. They stayed with us the entire time, however, and were right beside us when we got the new version ready.

They seem to be a tight-knit company where everyone knows what’s going on and can respond to clients. We’ve had multiple positive testing engagements with other vendors, and Silent Break is definitely at the top. We’ll likely use them again.

Are there any areas they could improve?

I don’t know if there’s much they could’ve done differently. We’ve run a couple of engagements with them, and I assume their knowledge goes past even what I’ve seen. Silent Break has services we haven’t utilized, but we’ve simply never needed them.

5.0
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
    We had scheduling issues on our side, and they were more than willing to work with us. I never felt rushed or delayed.
  • 4.0 Cost
    Value / within estimates
    We can always get more value, but Silent Break is very competitive, as far as other vendors go.
  • 5.0 Quality
    Service & deliverables
    There reports were comprehensive and provided evidence I could use to demonstrate the reality of threats to our leadership
  • 5.0 NPS
    Willing to refer

Penetration Testing for Medical Device Firm

“Their results demonstrated that there were areas we could modify to optimize our security further.”

Quality: 
5.0
Schedule: 
4.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
$50,000 to $199,999
 
Dec. 2018 - Jan. 2019
Project summary: 

Silent Break Security tested the security on a medical firm’s website to locate potential vulnerabilities. Once finished, they documented their findings and presented the results.

The Reviewer
 
5,001-10,000 Employees
 
Chicago Metro Area
CISO, Medical Manufacture
 
Verified
The Review
Feedback summary: 

The team from Silent Break Security went into the penetration test with minimal information about the system and did a thorough job of documenting their findings. The results helped cybersecurity staff make adjustments to weaker areas.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

I’m the chief information security officer of a medical manufacturing and distributing company.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Silent Break Security?

We wanted to hire an independent firm to perform penetration testing on our organization.

SOLUTION

What was the scope of their involvement?

The test was as blank as we could make it. We only gave them our company name; they had no information about our architecture, infrastructure, or protection methodology. Our only other parameter was that they avoid our SAP system. Their goal was to attempt to get into our system and, if successful, to show us what they were capable of gaining access to by assembling a formal findings document for our senior leadership. Once the test was finished, they shared the results with us and discussed our positives and negatives, as well as potential action plans.

What is the team composition?

We had a point of contact in sales and a technical lead. I’m not sure how many additional tech staff worked on our test.

How did you come to work with Silent Break Security?

There were many options, so we narrowed it down by looking for firms that had presented at large conferences in our industry. Once we had a list of prospective choices, we examined their philosophies and the skill level of their testers.

How much have you invested with them?

We spent around $50,000.

What is the status of this engagement?

The project lasted from December 2018–January 2019.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

Their results demonstrated that, although we had strong security overall, there were areas we could modify to optimize it further.

How did Silent Break Security perform from a project management standpoint?

They were responsive and documented everything well.

What did you find most impressive about them?

Their levels of knowledge and skill were very high, which is part of why we chose them in the first place.

Are there any areas they could improve?

Nothing that I can think of.

Do you have any advice for potential customers?

For this kind of testing, it’s important to find the right people and respect their professional capabilities. Once the test is finished, be prepared to implement any changes they suggest.

5.0
Overall Score
  • 4.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Penetration Testing for Retail Enterprise

“They put themselves in my shoes.”

Quality: 
4.5
Schedule: 
4.5
Cost: 
4.5
Willing to refer: 
4.5
The Project
 
$200,000 to $999,999
 
Jan. 2015 - Jan. 2018
Project summary: 

Silent Break Security collaborated to develop the scope to add value and reduce risk through penetration testing. They developed a report with their recommendations and executed varied testing every few months.

The Reviewer
 
10,001+ Employees
 
Milwaukee Metro Area
Former Chief Information Security Officer, Retail Chain
 
Verified
The Review
Feedback summary: 

Silent Break Security executed a practical and insightful plan. The team excelled at thoroughly examining the company’s needs and understanding where they could best be of service and then applying their high level of expertise to offer customized solutions. They offer a proactive approach.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

I was the chief information security officer for a Fortune 500 retailer.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Silent Break Security?

We were looking for penetration testing services to remediate or reduce our company’s risk and enhance our cybersecurity.

SOLUTION

What was the scope of their involvement?

We had a planning meeting with Silent Break Security so to discuss our challenges and where we saw risk within the company. They helped to define the scope for testing. As it would be impossible to test 100% of the environment in a single test, Silent Break would provide valuable expert input as we developed the scope of each test.

Following each test, they produced a well-organized report that went into detail on their approach and execution of the test, along with the results and recommendations. It was a thorough approach, which added value to the exercise.

What is the team composition?

My first point of contact was always their VP of global strategy. I had an established relationship with him, and he understood my needs. On the backend, we engaged with their founder/principal security consultant, who’s worked with the NSA. There are occasions when we work with other members of the Silent Break team, and we found them just as experienced and knowledgeable.

How did you come to work with Silent Break Security?

Historically, I did business with their VP of global strategy when he was at a previous company. When he moved to Silent Break Security, we had a conversation about the company, their services, and their skills and expertise. I was impressed with their pedigree of resources. They stood out to me because they had people who’d worked with the NSA, so I recognized that they could add value to the problem. 

How much have you invested with them?

We spent $150,000–$300,000 over 2–3 years.

What is the status of this engagement?

We began working with Silent Break Security at the end of 2014 or beginning of 2015. There were multiple penetration tests, sometimes as many as 2–3 per year. Silent Break continues to be a valued partner on an as-needed basis.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

Their recommendations were actionable and absolutely valid.

How did Silent Break Security perform from a project management standpoint?

I have no complaints. The thing that stands out to me is the upfront planning and the extent to which they tried to understand the business problem so they could add their expertise up front. Sometimes, we wanted a penetration test and we asked for specific items with no discussion. Other times, we wanted to figure out what we could test that we didn’t normally test and that added to our risk mitigation strategy. They allowed us to decide the extent to which we wanted to engage with them and benefit from their expertise, and that’s a huge plus in working with them.

What did you find most impressive about them?

The people I worked with directly at Silent Break Security understood what my job was, what my concerns were, and what I had to do on behalf of the company I worked for. They put themselves in my shoes. They fully appreciated that there’s a right way of doing things, but how it’s applied to business is different from one company to the next.

Are there any areas they could improve?

No, I can't name anything.

Do you have any advice for future clients of theirs?

Someone working with them should communicate the goals, objectives, and concerns, and listen to their expertise on how to approach and scope the engagement. Silent Break Security can absolutely add value if clients allow them to place themselves in their shoes.

4.5
Overall Score Although, as a rule, I hardly ever give out maximum scores, Silent Break Security is an excellent partner, and I would highly recommend them.
  • 4.5 Scheduling
    ON TIME / DEADLINES
    I never had an issue. They always met my expectations and worked within my schedule constraints.
  • 4.5 Cost
    Value / within estimates
    In my view, it’s a commoditized service, and the rates are where I expect them to be.
  • 4.5 Quality
    Service & deliverables
    They’re good at working on ambiguities and differences, and I’m happy with the results.
  • 4.5 NPS
    Willing to refer
    I’d recommend them anytime.

Penetration Testing for Financial Services Firm

“The types of tests they ran were targeted and customized to our needs.”

Quality: 
4.0
Schedule: 
4.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
$10,000 to $49,999
 
July - Sept. 2018
Project summary: 

Silent Break Security conducted penetration testing on various systems, including code and apps. They collaborated with the in-house team to develop customized tests and provided specific solutions.

The Reviewer
 
1,001-5,000 Employees
 
Salt Lake City Metro Area
Security Architect, Financial Services Company
 
Verified
The Review
Feedback summary: 

Silent Break Security came highly recommended and had a competitive price. They did high-quality work, identifying system vulnerabilities that traditional tests wouldn’t have found. Although their documentation could improve, they were still a reliable and effective team.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

I’m a security architect for a health finance company. I’m responsible for all of the infrastructure security, including the network, penetration testing, and secure configuration analysis.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Silent Break Security?

We needed a skilled partner to help with your annual assessments and penetration tests.

SOLUTION

What was the scope of their involvement?

Silent Break Security came on site and discussed the scope of what we wanted to test. We told them our goals and showed them the different types of systems we had, giving them specific target areas to test. They tested each one, including specific apps, code, and network components. They then wrote up reports highlighting security concerns and recommendations. Our team sat down with them to discuss the findings and determine what needed to be fixed.

What is the team composition? 

We mainly interacted with the project manager, but they provided testers for the internal network, our apps, and the external components.

How did you come to work with Silent Break Security?

We wanted a partner who’d be able to customize the tests and provide an in-depth evaluation of system vulnerabilities. We talked to a few partners and members of the security community, and many recommended Silent Break Security.

How much have you invested with them?

We spent around $40,000.

What is the status of this engagement?

We worked together from July–September 2018. 

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

They found several system risks that a traditional test wouldn’t have found. The results were specific, and so were their recommended solutions.

How did Silent Break Security perform from a project management standpoint?

In addition to daily updates, they came onsite to provide presentations about the project. We mainly communicated via email, and they were highly responsive.

What did you find most impressive about them?

The types of tests they ran were targeted and customized to our needs.

Are there any areas they could improve?

They could improve their documentation and be more proactive about it.
 

4.5
Overall Score
  • 4.0 Scheduling
    ON TIME / DEADLINES
    They were good at meeting deadlines once they were established.
  • 5.0 Cost
    Value / within estimates
    They were very competitive.
  • 4.0 Quality
    Service & deliverables
    We had good results, but the documentation could’ve been better.
  • 5.0 NPS
    Willing to refer
    I’ve recommended them to several people.

Penetration Testing for Solutions Company

“They've yielded solid, actionable results that help us remediate real issues we need to fix.”    

Quality: 
4.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
$200,000 to $999,999
 
Feb. 2016 - Ongoing
Project summary: 

Silent Break Security performs penetration testing for a cloud-hosted web application on a quarterly basis. They also run phishing and black box tests of the entire corporate infrastructure as needed. 

The Reviewer
 
501-1,000 Employees
 
Arizona
CISO, Law Enforcement Solutions Firm
 
Verified
The Review
Feedback summary: 

Silent Break Security not only conducts comprehensively thorough testing, but they also provide actionable recommendations. Thorough and strategic, they delimit reports to exclusively relevant advice and solutions the client can implement. They offer full communication access to the team.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

I work for a company that makes law enforcement technologies like body cameras, TASER electrical weapons, and cloud storage solutions for law enforcement. I'm the chief information and security officer. 

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Silent Break Security?

We needed a web application assessment for our large cloud solution. A few years ago, we first reached out to Silent Break Security for quarterly penetration testing. 

SOLUTION

What was the scope of their involvement?

Over the years, most of Silent Break Security services have been quarterly web application penetration tests against our cloud solution. A couple of times, they've provided more traditional black box penetration tests against the entire corporate infrastructure including things like phishing assessment. They present their findings to us in written reports. As needed, they follow up in person or over phone calls for clarifications on technical questions we might have. 

The reporting includes recommendations for remediation and how we might reduce the risk of any particular issue they found. We have never used them for services to implement the fixes before, but we certainly have leveraged their recommendations. 

What is the team composition? 

We always have a project or program manager assigned to us, although it’s not the same person every time. Behind them, the actual penetration testing team performs the work. It usually seems to be one or two people since we don’t have a terribly large scope. We have direct access to the actual testers and project manager and can reach out to any of them at any time. 

How did you come to work with Silent Break Security?

Through some personal relationships, we had known Brady (Founder and CEO, Silent Break Security) for a long time. 

How much have you invested with them?

We've spent between $200,000 and $1 million. 

What is the status of this engagement?

We've been working together since early 2016. 
 

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

Silent Break Security has had a markedly positive impact on our company. All the penetration tests they've done have been conducted professionally. They've yielded solid, actionable results that help us remediate real issues we need to fix. We've been able to operationalize their insight to make our system more secure. 

They've taken care to ensure any findings they point out to us are impactful and worth fixing. The reports are never full of fluff just to look impressive. They only present concerns they know are definitely worth our attention and effort. 

How did Silent Break Security perform from a project management standpoint?

From a communications and documentation standpoint, Silent Break Security has performed very well. They've been very available to answer our questions, schedule meetings, and follow up to discuss the reports. We haven't had any problems at all. 

What did you find most impressive about them?

Silent Break Security's ability to focus on the most actionable issues differentiates them from other cybersecurity consultants we've partnered with in the past is. They keep our critical problems top of mind instead of trying to list every potential one holistically. Rather than reporting on countless theoretical concerns, they conduct their testing based on real-world scenarios and impacts to help us narrow our focus. 

Are there any areas they could improve?

To improve growth going forward, I would suggest having a larger variety of employees. Since we've used Silent Break Security so frequently, the same couple of few people have done most of the work each time. Once their company grows, they'll be able to hire more talent to assign to work on projects. 

Do you have any advice for potential customers?

I've never had to worry about getting productive work out of Silent Break Security. They take care of everything that needs to be done right off the bat. 

4.5
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
    They've never missed a deadline and have always been able to do the testing during the window of time we wanted.
  • 5.0 Cost
    Value / within estimates
    They've always offered us really great pricing for the value.
  • 4.0 Quality
    Service & deliverables
    They've never missed a deadline and have always been able to do the testing during the window of time we wanted.
  • 5.0 NPS
    Willing to refer
    I recommend them often.