Internal Infrastructure Penetration Test
We analyze the security of one or several networks (DMZ, VLAN, through VPN connection, IP ranges, etc.) and identify vulnerabilities on IP ranges before they are exploited by malicious actors or inside threats.
What we do
To keep trust in your networks, we operate by identifying vulnerabilities and misconfigurations among the IP ranges and services (Servers, routers, proxies, printers, firewall, DC, etc.).
We use the industry standards, our own experience, and knowledge to audit the selected perimeter. We provide the most comprehensive reports to improve the security of your internal infrastructure by following contextual recommendations.
We can work remotely or locally according to your requirements.
When to perform an Internal Penetration Test
If you want to:
- Have a security analysis on one or several networks (DMZ, VLAN, through VPN connection, IP ranges, etc.)
- Identify vulnerabilities on IP ranges before they are exploited by malicious actors or inside threats
Put your defenses to the test
How we work
We lay bare any vulnerabilities or security misconfigurations that could have a detrimental impact on your systems' confidentiality, integrity, or availability.
1. Your needs
In the scoping meeting, our pentesters determine with your teams which assets you want to be tested as well as the budget, requirements, and planning. We will then put together a project proposal and agree on a schedule for conducting the penetration test.
3. Penetration Test
4. Feedback Session
5. Deliverables
What we look for
Our experts research vulnerabilities within:
- Servers and open ports
- Available services (outdated versions, known CVEs and exploits, misconfigurations)
- Operating System (outdated versions, known CVEs, etc.)
- Sensitive data (shares, AD objects, etc.)
- Network segregation
- Etc.
The objectives of our penetration testers are to find security weaknesses that impact the confidentiality, integrity or availability of the network and way to remediate them. Effort remediation for each vulnerability is also estimated to help prioritize the corrections.
What you get
- A managerial report which summarizes the findings and their criticality for the management team to take decisions and prioritize corrections.
- A technical report which contains all the information about the findings, how to repeat the vulnerability, and recommendations on how to correct them.
- A secure environment after applying our recommendations.