Penetration testing (or pen testing) is a security exercise where a cyber-security expert attempts to find and exploit vulnerabilities in a computer system or network. The purpose of this simulated attack is to identify any weak spots in an organization’s defenses which attackers could take advantage of….

Penetration testing is part of a holistic cybersecurity strategy.

Types of Network Penetration Tests

White/Open-box pen test

In an open-box test, the hacker will be provided with some information ahead of time regarding the target company’s security controls.

Black/Closed-box pen test

Also known as a ‘single-blind’ test, this is one where the hacker is not given background information besides the name of the target company.

Covert pen test

Also known as a ‘double-blind’ pen test, this is a situation where almost no one in the company is aware that the pen test is happening, including the IT and security professionals who will be responding to the attack. For covert tests, it is especially important for the hacker to have the scope and other details of the test in writing beforehand to avoid any problems with law enforcement.

External pen test

In an external test, the ethical hacker goes up against the company’s external-facing technology, such as their website and external network
servers. In some cases, the hacker may not even be allowed to enter the company’s premises and must conduct the attack from a remote location.

Internal pen test

In an internal test, the ethical hacker performs the test from within the company’s internal network. This kind of test is useful in determining how much
damage a malicious insider can cause from within the company’s internal network.

Segmentation Testing

Segmentation testing verifies that segregation between network segments like your DMZ and internal networks is implemented and ensure that the communication between these networks is restricted.

Write to us

    Reason for Contact:

    Your name:

    Your mail:

    Your phone number:

    Your Message: