External Penetration Testing

At Teceze, we rely on our cyber security expertise to perform and manage all aspects of external penetration testing for our clients. We use a process that is clear and simple to identify and manage the risk or all external attacks. We are the experts in External Penetration Testing.

Manual Infrastructure Testing

Many organisations have several connections that host services such as email, webmail and web servers. These services are potential targets for attackers. Understanding that the organisations are continuously under attack, is important.

Attackers are actively seeking vulnerable targets across the internet. When they find vulnerable targets, they will attack them until they break through to the network. It is crucial that organisations are made aware of the potential risks, while they need to reduce and manage them by active external penetration testing.

Service Description

Using one of Teceze Group’s servers, we carry out a full external infrastructure penetration testing that includes a full Port Scan of TCP and UDP ports of Public IP addresses. We seek out services that are running on open ports by carrying out a vulnerability scan.

This is completed using specialist scanners to begin with, but if specific services are not identified, we call on other tools and scripts that are applied that are closely linked to those services. We can identify common vulnerabilities including version number displaying in services, insecure protocols and default passwords using our specialist scanners.

External Penetration Testing

Following a thorough scan of all IP addresses and identification of all services, our expert testers then connect manually to each individual service and then look for any additional vulnerabilities. An example of this would be the discovery of an FTP server, whereby a tester will attempt a number of username and password combinations using limited-brute force, using common values that are linked to the name of the client. Should a web application be discovered, the tester will then carry out a small-unauthenticated Web Application Test to identify common vulnerabilities such as SQL injection or Cross-site Scripting.

Key Benefits of External Penetration Testing?

Key Benefits of External Penetration Testing?

Our cycle of interaction

Our CREST certified penetration testers follow an proven methodology mainly based on the OSSTMM (Open Source Security Testing Methodology Manual). This method emulates the tactics used by the attackers using many of the same readily available tools.

Scoping - Before a test our account management team will address the network / infrastructure evaluation criteria to determine the test scope.

Reconnaissance - Teceze will list your network assets and find any vulnerabilities in your networks that might break in by malicious actors.

Evaluation -Using the information found during the reconnaissance process, we search for possible vulnerabilities for the found hosts.

Reporting - The findings will be evaluated thoroughly by a tester accredited to Teceze  A comprehensive report will be prepared which describes the scope of the test and the methodology used along with the defined risks. This will give the company the opportunity to generate a detailed threat and risk assessment.

Re-test - To help and expedite the remediation, we will provide access to our testers and the raw test data. We can also re-test the systems so you can be confident that all the issues have been resolved successfully

  • Network fiercely against host compromise
  • Evite any financial damage
  • Identify known and unknown vulnerabilities
  • Reduce danger to continuity of business
  • Get autonomous security checks

Get a Quote

Number of employees in the company

Quote