Quality Results, Performance, and Consultants
The primary goal of a network penetration test is to determine if an attacker can gain access to sensitive data or systems through the target network. This type of test involves evaluating the attack surface for potential vulnerabilities and, where applicable, leveraging those vulnerabilities to gain control of systems or access to data. Network Penetration Tests are commonly used for internal and regulatory compliance.
External Vs. Internal
Network Penetration Test Variations
A normal (vanilla) network penetration test may include external ranges, internal ranges, or both. External testing is performed as an attacker on the Internet, while the internal often performed from a compromised user perspective.
In addition to a vanilla network penetration test, below are several common variations that you may need to meet your objectives:
Rogue Device Presence
Red Team Exercise
Network Segmentation Test
Penetration testing is scoped by overall effort, which is time-boxed. In combined internal + external penetration tests, the scoping is done separately, but the reporting effort is combined, thus saving the client some of the cost over scoping the exercises separately.