Internal Infrastructure Penetration Test

We analyze the security of one or several networks (DMZ, VLAN, through VPN connection, IP ranges, etc.) and identify vulnerabilities on IP ranges before they are exploited by malicious actors or inside threats.

What we do

To keep trust in your networks, we operate by identifying vulnerabilities and misconfigurations among the IP ranges and services (Servers, routers, proxies, printers, firewall, DC, etc.).

We use the industry standards, our own experience, and knowledge to audit the selected perimeter. We provide the most comprehensive reports to improve the security of your internal infrastructure by following contextual recommendations.

We can work remotely or locally according to your requirements.

When to perform an Internal Penetration Test

If you want to:

Have a security analysis on one or several networks (DMZ, VLAN, through VPN connection, IP ranges, etc.)
Identify vulnerabilities on IP ranges before they are exploited by malicious actors or inside threats

Put your defenses to the test

Let our ethical hackers analyze, identify and close the gaps in your systems.

Talk to our pentesters

How we work

We lay bare any vulnerabilities or security misconfigurations that could have a detrimental impact on your systems' confidentiality, integrity, or availability.

Penetration Testing Process Security Positive Thinking Company - Needs-1

1. Your needs

In the scoping meeting, our pentesters determine with your teams which assets you want to be tested as well as the budget, requirements, and planning. We will then put together a project proposal and agree on a schedule for conducting the penetration test.

Penetration Testing Process Security Positive Thinking Company - Kick-off

2. Kick off

Through this kick-off meeting, we ensure that the teams have a good understanding of the issues and objectives of the penetration test.

Penetration Testing Process Security Positive Thinking Company - Penetration Test-1

3. Penetration Test

The penetration test starts following the market standards. We use a standard methodology customized to your context and using both market and in-house tools.

Penetration Testing Process Security Positive Thinking Company - Feedback Session-1

4. Feedback Session

Our experts present and explain their findings to your teams and validate them in your context. This allows us to position the risk rating of your asset(s) on a maturity scale developed in-house.

Penetration Testing Process Security Positive Thinking Company - Delivrables

5. Deliverables

We provide you with a managerial and a technical report. Each contains a detailed analysis of the vulnerabilities uncovered during the test, the weaknesses, the threat they pose, and recommended remediation steps.

What we look for

Our experts research vulnerabilities within:

Servers and open ports
Available services (outdated versions, known CVEs and exploits, misconfigurations)
Operating System (outdated versions, known CVEs, etc.)
Sensitive data (shares, AD objects, etc.)
Network segregation
Etc.

The objectives of our penetration testers are to find security weaknesses that impact the confidentiality, integrity or availability of the network and way to remediate them. Effort remediation for each vulnerability is also estimated to help prioritize the corrections.

What you get

A managerial report which summarizes the findings and their criticality for the management team to take decisions and prioritize corrections.
A technical report which contains all the information about the findings, how to repeat the vulnerability, and recommendations on how to correct them.
A secure environment after applying our recommendations.

Other on-demand services to help you manage your cyber risks

Remediation follow-up

Bug Bounty Program

Source Code Review

Ready to test?

Get in touch with our ethical hackers to get a penetration testing offer tailored to your needs.