Internal network pentest

This network pentest type focuses on finding the following classes of vulnerabilities in your internal network:

  • Application vulnerabilities
  • Exposed services
  • Misconfigurations
  • Active Directory issues
  • Weak segmentation

Our detailed report outlines each issue identified with steps to reproduce, as well as how several issues could be chained in more powerful attacks.

External network pentest

External network pentest analyses your network exposure to external attackers on the Internet. It’s perfect to understand your risks of publicly facing services/hosts or DMZ networks.

Analysing vulnerabilities of the services / applications exposed to the Internet
Misconfigured servers and network interfaces
Outdated software / vulnerable components / known vulnerabilities

Our detailed report outlines each issue identified with steps to reproduce, as well as how several issues could be chained in more powerful attacks.

Our process:

During our pentests we rely on OWASP and OSSTM methodologies. While employing some automated tools and scanners, we mostly perform manual expert penetration testing: such an approach proves to be the most practically valuable.

While black-box is one of the options we provide, from the efficiency point of view, we lean toward grey-box type with a reasonable amount of input.

1

A kick-off meeting to agree on the scope, inputs and communication

2

Pentesting (2-4 weeks, depending on the scope)

3

The final report that highlights the identified vulnerabilities

Check how our network pentest report looks like

Please contact us, and we will send you a sample network pentest report.

Why choose Iterasec?

We will combine innovative pentest tactics and our experience to analyze your software for exploitable vulnerabilities and strengthen your security posture. Iterasec ensures:

Manual pentests performed by highly-skilled security experts, certified with OSCP, CEH, and other security certifications
Manual pentests performed by highly-skilled security experts, certified with OSCP, CEH, and other security certifications
Transparent communication and accurate project management
Security findings with demonstrated business impact
Support to properly fix the identified vulnerabilities
Efficient and agile pentesting of the full system or its components

By cooperating with Iterasec, you get compliance with PCI, HIPAA, SOC2,3, OWASP, and more, an independent evaluation of your software and infrastructure security, and increased software quality thanks to avoiding critical security vulnerabilities.

Contacts

Please tell us what are you looking for and we will happily support you in that.

Feel free to use our contact form or contact us directly.