Network Penetration Testing
Service Summary
SECWALLS offers application and network level penetration testing performed through the best tools and verified manually by security experts. This process reduces the number of false positives in the findings. We automate this process and can provide continuous and periodic (monthly, quarterly, annual) scans.
Organisations commonly invest more heavily in their external perimeter and neglect good security practices on their internal network. This is often under the fallacy that if they keep the attackers out at the perimeter, they don’t need to worry about anything else.
SECWALLS conducts internal infrastructure penetration testing from an “unauthenticated internal” user perspective. The primary purpose of the assessment is to uncover network-layer vulnerabilities and misconfigurations that could result in the complete compromise of the organization’s internal network.
SECWALLS approach is targeted to gain the highest level of access within the target network i.e. domain or enterprise administrator. We perform the assessment with zero knowledge and with no user credentials (as real attackers would have). Each attack footpath exploitation and vulnerability chaining techniques are utilized and demonstrated to gain the highest privileged access.
SECWALLS conducts external infrastructure penetration testing from an “anonymous” user perspective over the Internet. The methodology is derived from industry security standards that covers over 30,000+ security test cases.
SECWALLS perform both vulnerability scanning and manual penetration testing to exploit each network layer vulnerability. We use multiple tools and manual techniques to ensure the accuracy and maximum attack surface area coverage. We work with you closely to schedule the testing to ensure the availability of your environment is not impacted.
Our Network Security Testing Methodology
Vulnerability Enumeration
Vulnerabilities are enumerated to identify potential exploits to pursue on each targeted host. to confirm valid vulnerabilities
Reporting
Consist of executive summary that clearly explains the purpose of the test, the tactics and techniques employed to gain access to the system