An Internal penetration test is designed to assess an IT network for vulnerabilities and security issues in its servers, hosts, devices and network services. It particularly focuses on the ‘external view’ as seen by a hacker with respect to Internet-facing assets such as firewalls, intrusion prevention systems, web sites and unauthorised access. Internal penetration testing can also be applied as an ‘internal test’ which assess the risks and vulnerabilities associated with staff and authorised users.
Penetration tests are used as a practical guide to improve the security of an IT system and to meet the organisational requirements for compliance to standards that include the Payment Card Industry Data Security Standard (PCI DSS) and ISO 27001.
Penetration testing or ethical hacking uses a series of automated and manual processes to discover the security weaknesses in an IT network. Performed with the permission of the system owner, security vulnerabilities are identified and exploited to demonstrate how they can be used to facilitate a cyber attack. Measures and controls to prevent or mitigate the impact of an attack are recommended for each major vulnerability.
Our Internal Penetration Test Report includes an overview of the tests performed, an executive management summary, a technical summary and a technical detail section. The Common Vulnerability Scoring System (CVSS) describes the principal characteristics of a vulnerability and defines a numerical score reflecting its potential severity of impact. Remedial activities that prevent or mitigate the cyber exploits associated with each vulnerability are identified and linked to references that provide further detailed background information.
The Wizard Cyber penetration testing service is delivered by an experienced team who are certified by CREST (the Council of Registered Security Testers) and have over 15 years of combined experience in the field of information assurance and penetration testing. They are guided by the best practice testing methodology as published by OWASP, OSSTMM, CVSS and the SANS Institute.
With over 15 years combined corporate expertise in the field of information assurance & penetration testing
We will develop a test that fits your business needs
We use open source and commercial tools and our own testing apps developed by our in-house software development team
Certified by CREST and with qualifications from EC Council, Offensive Security and SANS
Clear and easy to understand reports including recommendations for remediation and improvement
Fixed price proposals with fully detailed project scope and no unexpected costs
If you have any further questions regarding penetration testing please contact us via email email@example.com or 0333 311 0121