An Internal Penetration Test is conducted from within your network, taking the perspective of an attacker that has already gained a foothold by some other means (whether that is direct exploitation of a public facing system or via social engineering) or a malicious insider. This assessment uses a combination of automated and manual exploitation techniques […]
Organizations often spend the vast majority of their resources on securing their systems from external threat actors, while spending far less time protecting the “gooey” center of their networks. The same seems to hold true for cloud environments. While companies continue to flock to the cloud faster than ever before (more than 93% of companies […]
Internal penetration testing takes the perspective of a malicious individual that is connected to your organization’s corporate network. This style of penetration testing has a similar goal to external penetration testing (find sensitive data, take administrative control of the network, etc.), but provides a completely different attack surface for the assessment team to analyze. This […]
Internal penetration testing is a specific flavor of penetration testing that takes place from within your organization’s network. This testing is specifically designed to emulate a malicious insider or an external attacker that gains a foothold on the network. While the concept is pretty straightforward, there are some interesting nuances when you talk about internal […]
Perhaps an employee in your organization finds out that he or she is about to be fired and goes on a hacking spree. Or maybe Sally from accounting (sorry Sally) is always clicking on links that she receives in emails and you want to determine the risk to your network associated with that. An internal […]
