Are your public-facing networks safe
from advancing external attacks?
With today’s advancing threat landscape, countless dangers can go undetected. Remote hackers could take advantage of your network perimeter gaps and eventually gain access to your internal environment’s assets.
When performing external network testing, our expert penetration testers mimic the tactics and scenarios of real-world hackers. With this form of testing, our good guys focus on identifying potential vulnerabilities on the perimeter layer. Perimeter controls are put into place to protect against remote attackers, whether they are bots or human adversaries.
What sort of damage could an
internal threat do to your company?
Organizations are always vulnerable to internal threats. Whether it be a resentful employee, or a staff member fooled by a phishing scheme, your internal network is seldom secure from a data breach.
In internal penetration testing, our expert pen testers analyze the environment that lies behind your public-facing devices. By imitating real-world attacks, our pen testers identify any vulnerabilities that an attacker could infiltrate.
Partner with an expert to get a custom game plan on what you should test and how to execute your attack simulation. Our penetration testers begin by gaining initial knowledge of your attack surface and infrastructure assets, which reveals a clear path for the engagement.
Experience how your security defenses respond during a simulated cyber attack by an advanced ethical hacker. Our penetration testers will use their expertise and intuition to assess your attack surface and discover any vulnerabilities within your security stance.
After the exploit, our professional writing team will deliver a report that gives insight into any vulnerabilities discovered and expert guidance on how to remediate them. After remediation, our team will retest to assure that you’ve fortified your defenses and attack surface.
Make Sure You’re Ready
Make sure you’re ready to face today’s threats confidently. Sign up to receive expert tips and guidance from our monthly newsletter, The Readiness Report, right in your inbox!
How much does a penetration test cost?
Pricing for a penetration test depends on scoping factors, including business applications, technology platforms, physical locations, and other environment aspects. Pricing will coincide with the amount of time needed for the engagement, as well as how many experts are needed to complete it.
What is external network penetration testing?
External network penetration testing focuses on the perimeter of your network and identifies any deficiencies that exist in the controls that protect against remote attackers targeting the Internet-facing systems in your environment.
What are external network penetration testing techniques?
- Port scans and other network service interaction and queries
- Network sniffing, traffic monitoring, traffic analysis, and host discovery
- Spoofing or deceiving servers via dynamic routing updates (e.g., OSPF, RIP spoofing)
- Attempted logins or other use of systems with any account name/password
- Use of exploit code for leveraging discovered vulnerabilities
- Password cracking via capture and scanning of authentication databases
- Buffer overruns/underruns
- Spoofing or deceiving servers regarding network traffic
- Alteration of running system configuration except where denial of service would result
- Adding user accounts
What is internal network penetration testing?
Internal network penetration tests target the networked environment that lies behind your public-facing devices. It is designed to identify and exploit issues that can be discovered by an attacker who has gained access to your internal network.
What are internal network penetration testing techniques?
- Internal subnets
- Domain servers
- File servers
What is the penetration testing process?
During penetration testing, our experts gain initial knowledge by researching an organization’s infrastructure assets. They follow a methodology derived from various sources, including the OSSTMM, Information Systems Audit Standards, CERT/CC, the SANS Institute, NIST, and OWASP. After interpreting the results, they will use manual techniques, human intuition, and years of experience to attack the vulnerabilities found. After the exploitation, our professional writing team will send you a comprehensive report with a narrative explaining the testing techniques, vulnerabilities exposed, and guidance for remediation action steps.
How long does a penetration test take to complete?
Every penetration test is different. Depending on the scope of your environment, time spent testing may vary. The average penetration test takes two to three weeks. The entire engagement including kick off, scoping, access and whitelisting, research, attack, report writing, vulnerability remediation, retest, and final report averages around two to three months.
What do I receive when my penetration test is complete?
After a penetration test, our professional writing team will work with your tester to write a comprehensive report with a narrative explaining the testing techniques, vulnerabilities exposed, and guidance for remediation action steps.
How often does a penetration test need to be performed?
For various auditing frameworks the time frames range from every six months to a year. As cybersecurity experts, we know that security is cyclical and suggest a continuous testing approach to testing. Depending on an organization’s level of security maturity, penetration test recurrence could vary.