Your Basket
Cyber security for any size of business
CREST member company
Team of friendly certified experts

External Infrastructure Penetration Test

External Infrastructure Penetration Test

Your public-facing connected systems are open to the world. On today's internet, over half of all the network traffic is not human. More than 11% of network traffic has a malicious nature. Coupled with 37.2% of all website traffic being bot related, it means you are almost certainly in a state of continual attack.

Why is it important

Our External Infrastructure Penetration Test identifies vulnerabilities and security weaknesses are present. External infrastructure-related weaknesses and vulnerabilities often originate from poor hardware configurations, ineffective system configuration parameters and weak security system controls. Criminals exploit these to gain access to previously private resources.


Our external infrastructure penetration testing service will help you:

  • Gain real-world insight into your vulnerabilities.

  • Identify where inappropriate services that increase your exposure.

  • Identify any missing patches.

  • Identify weak configurations.

  • Harden software and systems. 

  • Gain real-world insight into your vulnerabilities.

What the test entails

We will perform a complete infrastructure level penetration testing following the OSSTMM (Open Source Security Testing Methodology Manual) and PTES (Penetration Testing Execution Standard) methodologies. These methodologies ensure we identify any weaknesses that could allow an attacker to compromise the network, the data stored within it, or the devices hosted.


One of our CREST certified testers will perform your penetration test. The test will:

  • Conduct a series of automated vulnerability scans.

  • Carry out a range of manual tests using a methodology closely aligned with the OSSTM and PTES methodologies.

  • Provide immediate notification of any critical vulnerabilities to help you act quickly.

  • Produce a detailed report that identifies and explains the vulnerabilities prioritised by the risk posed to your business, not based on CVSS scores.

  • Identify a list of recommended countermeasures to address any identified vulnerabilities.

  • Include an executive summary that explains what the risks mean in business terms.

 

Conditions

Our External Infrastructure Penetration Test is priced by the number of externally facing IP addresses performed from our offices.

 

COVID-19: remote delivery options
Despite the current COVID-19 situation, we remain fully operational and at your disposal. Hedgehog fully embraces flexible and remote working. We adjust our delivery methods to provide consultancy services, penetration tests, and training remotely where necessary. Hedgehog fully embraces flexible and remote working. We adjust our delivery methods to provide consultancy services, penetration tests, and training remotely where necessary. 


Why choose Hedgehog

We only use experienced penetration testers to carried out clients penetration tests. Our penetration testers have the necessary technical skillset, qualifications and industry experience. They have the strong technical knowledge and proven track record needed to enable a successful penetration test. Our testers can carry out safe exploitation of applications and systems, advising on the appropriate mitigation measures required to ensure that your systems are secure.


Our CREST-certified penetration testing team will provide you with clarity, technical expertise and peace of mind. Our experienced testers will have reviewed your scoped environment, tested it to the fullest during the time permitted and will provide you with a detailed report.


We perform a high number of Azure-based penetration tests. All of our penetration tests comply with the Microsoft Rules of Engagement. We appropriately limit all penetration tests, ensuring only your assets are touched, avoiding unintended consequences to your customers or your infrastructure.

Contact Us

Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.