By having an external penetration test, an organisation can understand the level of risk they are exposed to and then manage these risks where possible

Almost every organisation will have at least one internet connection, often several and they will usually be running services on them such as email, webmail, VPNs, webservers etc. These are all really attractive to attackers. Although the specific organisation may not be targeted, organisations need to understand that they are constantly under attack as attackers will just scan the internet to find vulnerable systems.

We pride ourselves on effective communication, so you will be introduced to your Consultant at the beginning of the test and will be updated on the issues found during the test, particularly if any critical or high risk vulnerabilities are identified.

Once the testing is complete, you will receive a thorough report detailing the issues found and what you need to do to fix them. We will be available after the test to go through any questions you have to make sure you have thoroughly understood the report.

Staddon External Penetration testing


Our External Penetration Testing is split into three steps:

Full Port Scan

Full Port Scan

A full port scan of TCP and UDP ports will be done which identifies open ports and the services running on them.

Full Port Scan

Identify Services

Once all the IP addresses have been scanned and the services running on those IP’s have been identified, our Consultants will manually connect to each service.

Full Port Scan

Detailed Assessment

On each service the consultant will then perform a detailed security assessment to test for further vulnerabilities.


For a detailed methodology or more information on External Penetration Testing