A network penetration test is designed to assess an IT network for vulnerabilities and security issues in its servers, hosts, devices and network services. It particularly focuses on the ‘external view’ as seen by a hacker with respect to Internet-facing assets such as firewalls, intrusion prevention systems, web sites and unauthorised access. Network penetration testing can also be applied as an ‘internal test’ which assess the risks and vulnerabilities associated with staff and authorised users.
Penetration tests are used as a practical guide to improve the security of an IT system and to meet the organisational requirements for compliance to standards that include the Payment Card Industry Data Security Standard (PCI DSS) and ISO 27001.
What is a network penetration test?
Penetration testing or ethical hacking uses a series of automated and manual processes to discover the security weaknesses in an IT network. Performed with the permission of the system owner, security vulnerabilities are identified and exploited to demonstrate how they can be used to facilitate a cyber attack. Measures and controls to prevent or mitigate the impact of an attack are recommended for each major vulnerability.
Penetration test report
Our Network Penetration Test Report includes an overview of the tests performed, an executive management summary, a technical summary and a technical detail section. The Common Vulnerability Scoring System (CVSS) describes the principal characteristics of a vulnerability and defines a numerical score reflecting its potential severity of impact. Remedial activities that prevent or mitigate the cyber exploits associated with each vulnerability are identified and linked to references that provide further detailed background information.
The Wizard Cyber penetration testing service is delivered by an experienced team who are certified by CREST (the Council of Registered Security Testers) and have over 15 years of combined experience in the field of information assurance and penetration testing. They are guided by the best practice testing methodology as published by OWASP, OSSTMM, CVSS and the SANS Institute.
Some error has occured.