What's Involved?

Infrastruture penetration tests (pentests) are made up of various areas and are a combination of hands-on, involved methods and some scans. These areas include:

Internal Assessment

Following an initial scoping call to establish the scope of the test, we will assess your IT environment from the inside, simulating the position of an attacker who already has access to a device on your network.

External assessment

IT services reachable via the internet are a target for attackers. We build an external picture of your IT environment and test for weaknesses.Our assessors will evaluate websites and services for obvious and known vulnerabilities.

Credentialed scanning

Alongside our manual penetration testing, we run credentialed vulnerability scans of your external and internal IT environment. This allows us to gain deeper insights into your IT environment which could take an attacker weeks or months.

Comprehensive Reporting

Following the assessment, you will receive a comprehensive, actionable report which is delivered during a debrief session with the testers who delivered your assessment. This is a great opportunity to ask any questions about findings and remediation opportunities. 
Though all findings will be relayed during the report and debrief, if our team discovers anything during the test that requires immediate attention, they will inform you straight away.

Communication

Our testers maintain an open channel of communication throughout the assessment, through which our team will communicate anything you need to be made aware of and where you can raise any questions you may have.

Free Retest

All pentests include a complementary retest against all findings as standard. This is optional, but is a fantastic opportunity to verify remediation efforts have been successful.