COVID-19: remote delivery options
We would like to reassure our clients that all training and consultancy services will go ahead as scheduled during the COVID-19 situation. As a company that fully embraces flexible and remote working, our delivery methods allow us to provide consultancy services, penetration tests and training remotely where necessary. Please also refer to our COVID-19 policy.
What is an internal network penetration test?
An internal network or infrastructure penetration test assesses the extent of your vulnerability to insider attacks.
An insider is anyone with access to organisational applications, systems and data, such as employees, contractors or partners.
The target is typically the same as an external penetration test, but relies on some sort of authorised access or starts from a point within your network.
Our internal network test will assess specified internal-facing network devices, using both automated scans and advanced manual testing techniques to assess your security and identify vulnerabilities.
- Secure configurations
- Network traffic
- Secure passwords
- Secure authentication
- Information leakage
Identified vulnerabilities are presented in a report that allows the organisation to assess its business risks and the cost of remediation. These can then be resolved in line with the network owner’s budget and risk appetite, allowing a proportionate response to cyber risks.
Download the full service description
Speak to an expert
For more information on how our CREST-accredited penetration testing services can help safeguard your organisation, call us now on +44 (0)333 800 7000, or request a call back using the form below.
Get in touch
Did you know?
Insider threats are among the most difficult for enterprises to detect and stop. One of the main reasons for this is the sheer scope for attacks.
They include everything from staff accidentally losing or damaging data to malicious actors stealing information or compromising systems.
Because staff have easier access to systems and assets, the internal network is where organisations are most vulnerable.
Benefits of an internal network penetration test
Our internal network penetration tests will help you:
- Identify and understand the technology-related vulnerabilities affecting your internal infrastructure;
- Find out how an attacker could move through your internal infrastructure, escalating their privileges and compromising key services;
- Understand the potential business impacts of vulnerabilities in your internal infrastructure;
- Demonstrate your security posture to clients by providing third-party assurances that your internal infrastructure is secure;
- Comply with ISO 27001, the UK DPA (Data Protection Act) 2018 and the GDPR (General Data Protection Regulation), the PCI DSS (Payment Card Industry Data Security Standard), and other laws, regulations and contractual obligations; and
- Protect brand loyalty and corporate image by reducing the likelihood of a security breach.
Is an internal network penetration test right for you?
If you are responsible for your internal network, you should ask yourself:
- Are your workstations and devices secure?
- Is there a risk to your network from weak/default passwords?
- Can someone on the inside gain access to the entire internal network?
- Do you suffer from information leakage?
- Have you assessed your intranet application for vulnerabilities?
- Are your systems adequately patched?
- Is your third-party access robust?
IT Governance’s Internal Infrastructure Penetration Test follows our proprietary security testing methodology, which is closely aligned with the SANS and OSSTMM (Open Source Security Testing Methodology Manual) methodologies.
This service will assess all internal-facing network devices that you specify. It does not include segmentation testing – for a dedicated segmentation testing service, please get in touch.
IT Governance uses both automated scans and advanced manual testing techniques to assess your security and identify vulnerabilities.