External Penetration Test & Methodology

The objective of the external penetration test is to simulate an attack originating from the public Internet. This engagement aims to identify and assess all Internet-facing assets that an adversary can use as an entry point into your corporate network. This is done with both automated and manual tools to validate the effectiveness of your security mechanisms, such as firewalls and intrusion-prevention systems.

Penetration testers carry out the testing without detailed network or infrastructure diagrams and without any accounts or additional user information (unless required as part of the scope). Includes: Reconnaissance, Threat Modelling, Vulnerability Analysis, Exploitation, Post-Exploitation.