What is External Penetration Testing?
External Penetration Testing is a security assessment conducted through the Internet by an ‘attacker’ with no preliminary knowledge of your system. Such a test provides organisations with an understanding of how their business looks to a hacker or malicious actor on the other side of the internet. Such ‘Black Hat’ exercises are conducted with or without client management awareness.
What is Internal Penetration Testing?
Internal Penetration Testing is a security assessment with scenarios based on an internal attacker, such as a visitor with only physical access to your offices or a contractor with limited systems access. Such a test provides organisations with an understanding of how vulnerable their business is to a malicious actor that has subverted the external or perimeter defences of the business.
Why complete a Penetration Test?
Penetration tests enable an organisation to gauge how susceptible it is to an attacker (whereby an attacker had similar access to the Penetration tester as agreed in the testing scope).
How often should penetration testing be completed?
Penetration tests should be done on a regular basis, bi-annually or annually (at a minimum) or after large infrastructure changes or security initiatives are delivered into an organisation.
Penetration Test Services
The results enable organisations to better understand:
• Intrusion Prevention System (IPS) effectiveness
• Identify risks including the information available for misuse, alteration, destruction or to be held to ransom
• Determine which systems are vulnerable to exploitation (both externally and internally dependent on the test type)
• Determine if they are culturally at risk due to a lack of awareness amongst team members
• Identify at-risk personally identifiable information and other sensitive data
• Address insufficient authentication and authorisation in different services
• Identify and address weak user credentials
• Identify configuration flaws, including excessive user privileges.
The report content (suitable for both Executive and Technical audiences) includes:
• Detailed technical information on the testing process
• Actionable outcomes including results, vulnerabilities (revealed); and
• Recommendations around remediation items.
Our Penetration testing services support your defence in depth security posture by providing actionable insights into both your internal and external security mechanisms.
Pricing from $10,000 + GST*
