External Network Penetration Testing
Benefits of an external network penetration test
- Understand your real attack surface
Understand the depth and breadth of vulnerabilities that could affect your IT systems if attackers were to exploit them. Vulnerabilities are rated with CVSS to help you prioritise the most serious ones.
- Find all exposed services before attackers find them
Full TCP and UDP port ranges are searched and fingerprinted to understand the services that are running and how effective your firewalls are. Administrative services such as SSH and web management portals will be found, along with services that use clear-text channels, such as Telnet.
- Map the perimeter of the network
Perimeter networking devices are mapped (routers, load balancers, firewalls) to find your network boundary and attempt to move beyond the perimeter and into your internal network space.
- Find flaws in out-of-date or misconfigured services
Vulnerabilities are identified in software that is unpatched or has been set up incorrectly.
- Find legacy artifacts left during deployment
Backup files, configuration files and any other files that leak sensitive information will be identified, whether that information leads to a direct breach or could be used to breach your systems.
Our approach to external network penetration testing
Our tailored approach finds your weak spots and tackles both major security concerns and minor security flaws that could be used to breach your systems, giving you in-depth findings on the risks you face and how to fix them.
We use a combination of commercial and open source tools and manual and automated techniques to identify vulnerabilities thoroughly and efficiently.
There are a number of approaches that we use to exploit vulnerable targets including:
- Attempting default user accounts and passwords
- Weak passwords
- Exploitation of default settings
- Exploitation of development artifacts left at the deployment stage
- Finding hidden functionality or services that should not be exposed to the internet
- Identifying vulnerabilities within the underlying operating system
- Exploiting out-of-date software
- Reviewing the security of data in transit for each host
- Searching for information leakage used for further attacks.
Frequently asked questions
Can you work out of hours?
We can work out of hours for an additional charge. If part of your infrastructure is in a time zone where the work falls within our normal business hours, then we won’t charge.
What happens if you find a critical vulnerability?
Our testers will contact you immediately by phone, email and the dedicated Slack channel that we will use with you during the testing process.
Will brute forcing our user accounts block access to our systems?
There is a possibility that this could occur. Let us know which systems are sensitive and they’ll be avoided.
Do you test for Denial of Service (DoS)?
This isn’t something we actively test for and we wouldn’t recommend testing for this. However, we will highlight vulnerabilities that could lead to a Denial of Service.