Almost every organisation will have at least one internet connection, often several and they will usually be running services on them such as email, webmail, VPNs, webservers etc. These are all really attractive to attackers. Although the specific organisation may not be targeted, organisations need to understand that they are constantly under attack as attackers will just scan the internet to find vulnerable systems.
We pride ourselves on effective communication, so you will be introduced to your Consultant at the beginning of the test and will be updated on the issues found during the test, particularly if any critical or high risk vulnerabilities are identified.
Once the testing is complete, you will receive a thorough report detailing the issues found and what you need to do to fix them. We will be available after the test to go through any questions you have to make sure you have thoroughly understood the report.
Our External Penetration Testing is split into three steps:
A full port scan of TCP and UDP ports will be done which identifies open ports and the services running on them.
Once all the IP addresses have been scanned and the services running on those IP’s have been identified, our Consultants will manually connect to each service.
On each service the consultant will then perform a detailed security assessment to test for further vulnerabilities.