Local Network Pentesting
Penetration Testing is to identify the presence of points where a threat (defined by the hacker) can be arranged with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimisation before they are exploited by malicious hackers. In order to ensure that Scanyoursecurity Penetration Tests provide an accurate measure of risk the tests are delivered to threat levels that are slightly upgraded from which are likely to be faced in the real world (unless reduced by customer requirements).
An Internal Penetration Test differs from a vulnerability assessment in that it actually exploits the vulnerabilities to determine what information is actually exposed. An Internal Penetration Test mimics the actions of an actual attacker exploiting weaknesses in network security without the usual dangers. This test examines internal IT systems for any weakness that could be used to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organisation to address each weakness.
Scanyoursecurity Internal Penetration Test follows documented security testing methodologies which can include:
Internal Network Scanning
Manual Vulnerability Testing and Verification
Manual Configuration Weakness Testing and Verification
Limited Application Layer Testing
Firewall and ACL Testing
Administrator Privileges Escalation Testing
Password Strength Testing
Network Equipment Security Controls Testing
Database Security Controls Testing
Internal Network Scan for Known Trojans
Third-Party/Vendor Security Configuration Testing