External Penetration Testing
At Teceze, we rely on our cyber security expertise to perform and manage all aspects of external penetration testing for our clients. We use a process that is clear and simple to identify and manage the risk or all external attacks. We are the experts in External Penetration Testing.
Manual Infrastructure Testing
Many organisations have several connections that host services such as email, webmail and web servers. These services are potential targets for attackers. Understanding that the organisations are continuously under attack, is important.
Attackers are actively seeking vulnerable targets across the internet. When they find vulnerable targets, they will attack them until they break through to the network. It is crucial that organisations are made aware of the potential risks, while they need to reduce and manage them by active external penetration testing.
Service Description
Using one of Teceze Group’s servers, we carry out a full external infrastructure penetration testing that includes a full Port Scan of TCP and UDP ports of Public IP addresses. We seek out services that are running on open ports by carrying out a vulnerability scan. This is completed using specialist scanners to begin with, but if specific services are not identified, we call on other tools and scripts that are applied that are closely linked to those services. We can identify common vulnerabilities including version number displaying in services, insecure protocols and default passwords using our specialist scanners.
Following a thorough scan of all IP addresses and identification of all services, our expert testers then connect manually to each individual service and then look for any additional vulnerabilities.
An example of this would be the discovery of an FTP server, whereby a tester will attempt a number of username and password combinations using limited-brute force, using common values that are linked to the name of the client. Should a web application be discovered, the tester will then carry out a small-unauthenticated Web Application Test to identify common vulnerabilities such as SQL injection or Cross-site Scripting.
Our expert team is here to help with any questions you have regarding our products or services. Fill out the form below or contact us on +44 0208 050 5014
