Internal network penetration

What is an internal network penetration test?

internal penetration testing assesses what an insider attack could accomplish. The target is typically the same as external penetration testing, but the major differentiator is the attacker either has some sort of authorized access or is starting from a point within the internal network.

An internal network test generally:

  • Tests from the perspective of both an authenticated and non-authenticated user to assess potential exploits
  • Assesses the vulnerabilities that exist for systems that are accessible to authorized login IDs and that reside within the network
  • Checks for misconfigurations that would allow employees to access information and inadvertently leak it online

Once identified, the vulnerabilities are presented in a format that allows an organization to assess their relative business risk and the cost of remediation. These can then be resolved in line with the network owner’s budget and risk appetite, inducing a proportionate response to cyber risks.

Did you know?

  • 100% of our User Threat Assessments found instances of high-risk data transfer via USB or cloud applications, and personal email usage
  • 98% of User Threat Assessments found customer proprietary information publicly accessible on the web

Insider threats are among the most difficult for enterprises to detect and stop. One of the main reasons for this is the sheer scope for attacks. It include everything from staff accidentally losing or damaging data, to malicious actors stealing information or compromising systems.

Internal users often bypass physical controls designed to protect computer resources. For most organizations, this means the internal network is where they are most vulnerable.

Benefits of an internal network penetration test

Our penetration tests will help you:

  • Gain real-world insight into your vulnerabilities
  • Identify what information a rogue employee could exploit
  • Determine whether partner organizations access more internal resources than you intended
  • Identify any patches that need to be installed
  • Harden your access controls
  • Enable encryption or choose a more secure protocol

Is an internal network penetration test right for you?

If you are responsible for your internal network, you should ask yourself:

  • Are your workstations and devices secure?
  • Is there a risk to your network from weak/default passwords?
  • Can someone on the inside gain access to the entire internal network?
  • Do you suffer from information leakage?
  • Have you assessed your intranet application for vulnerabilities?
  • Are your systems adequately patched?
  • Is your third-party access robust?

Our engagement process

Our CREST-accredited penetration testers follow an established methodology based primarily upon the OSSTMM (Open Source Security Testing Methodology Manual) security risks. This approach will emulate the techniques of an attacker using many of the same readily available tools.

  1. Scoping: Before testing, our account management team will discuss your assessment requirements for your internal network to define the scope of the test.
  2. Reconnaissance: The tester will enumerate your network assets within the scope of the engagement and identify any holes in your firewalls to ensure network segmentation.
  3. Assessment: Using the information identified in the initial phase, we test the network for potential vulnerabilities. This will provide your organization with the ability to produce an accurate threat and risk assessment.
  4. Reporting: The test results will be fully analysed by an IT Governance certified tester and a full report will be prepared for the customer that sets out the scope of the test and the methodology used, along with the risks identified.
  5. Re-test: We can provide access to our testers and the raw test data to support and expedite remediation. We can also retest your systems so that you can be sure all identified issues have been successfully resolved.

Our penetration tests comply with the Microsoft Rules of Engagement

For Azure clients, this means we take care to limit all penetration tests to your assets, thereby avoiding unintended consequences to your customers or your infrastructure