Network Penetration Testing

  • Home
  • Network Penetration Testing

What is Network Penetration Testing?

An external network pen test is designed to test the effectiveness of perimeter security controls to prevent and detect attacks as well as to identify weaknesses in internet-facing assets such as web, mail and FTP servers. HTD penetration testing specialists examine the current state of your infrastructure to assess the resilience of your security controls, and to identify all the ways that an attacker might use to gain unauthorized access.

An external penetration test includes a full external vulnerability scan, but that’s just where it gets started. All output from scanning tools will be investigated manually by HTD pentesters to remove false positives, run exploits to verify the extent/impact of the weakness.

Where a vulnerability scanner would simply report that a service has a critical weakness, a penetration test would look to exploit that weakness and gain control of the server. If successful, the pentesters will use their newly acquired access to pivot further, and compromise further systems and services.

Image

Testing Methodology

  • Reconnaissance and intelligence gathering

    Our network penetration testers use the latest intelligence gathering techniques to uncover security and technical information that could be used to help them access your network.

  • Active scanning and vulnerability analysis

    Using a combination of manual and automated tools, our testers identify security weaknesses and develop a strategy to exploit them.

  • Exploitation

    To obtain initial access to your network, our experienced network penetration testers exploit all identified vulnerabilities, but in a safe way that avoids damage and disruption.

  • Reporting

    Once a network assessment is completed, our testers document key findings and supply prioritized remediation guidance to help address any identified exposures.

Benefits of Network Penetration Testing

  • Reduce risk to business continuity and the cost of being non-compliant.
  • Harden systems and network against host compromise.
  • Provide management with a proof of exploit, which outlines the assets that an attack can compromise.
  • Detect known vulnerabilities and discover unknown vulnerabilities which may be exploited to access privileged information
  • Audit external security monitoring procedures and test your incident response tactics.
  • Detect installations which are non-compliant with your internal policy and which may serve as a pivot for external attackers.

Deliverables

  • Executive Summary

    Highlighting highly rated vulnerabilities and business risks, and our recommendations.

  • Technical Report

    Our findings and suggested recommendations for remediation and mitigation of the identified vulnerabilities.

Copyright @2020 HTD.RED