Infrastructure Penetration Testing

A network penetration test is a type of security assessment performed by an ethical hacking company designed to identify cyber security vulnerabilities that could be used to compromise on-premises and cloud environments. Network pen testing can include assessment of perimeter security controls as well as devices such as routers and switches.

In most scenarios, we prefer to carry out internal penetration tests remotely via a VPN connection or a mini PC that we send to you. If your organisation’s network is segmented, you may need to help decide the best physical location for internal pen testing to be conducted.

To help ensure that infrastructure pen test results are clearly communicated to technical and non-technical stakeholders, every penetration test includes a written report detailing all vulnerabilities discovered, the level of risk each vulnerability posed, the difficulty of exploitation and recommendations to assist swift remediation.

An internal pen test is performed within an organisation’s network, looking for vulnerabilities from the inside. An external pen test is conducted, with an ethical hacker searching for security vulnerabilities in internet-facing assets such as web, mail and FTP servers.

The information needed for a network penetration testing company to scope a test is dependent upon whether an internal pen test or an external pen test is required. Information typically sought by a network pen test provider includes the total quantity of internal IPs and external IPs to be tested, subnets, and the number of physical locations.