Network Penetration Testing

Discover security gaps in your internal or external network before a hacker or Advanced Persistent Threat does!

We identify all relevant IT systems and services in your network and check whether they are accessible. We then search for errors, incorrect settings and security vulnerabilities. The procedure also allows you to see whether the Blue Team/the defenders would recognize the attacks.

Penetration testing

What is a network pentest?

In network penetration tests, a general distinction is made between the pentest of an internal network and the test of an external network. In the first case, the attacker is located in the internal network - which should not be accessible from the internet. In an external network pentest, the attacker comes "from outside". In other words, they try to attack the network via the Internet. In both cases, the aim is to compromise the network in some way and find security vulnerabilities. Depending on the case, the goal can also be to get from the external to the internal network. Once this has happened, there is unfortunately very little stopping the attacker in practice from stealing a lot of data or blackmailing the company by using the takeover of the internal network to encrypt it completely (ransomware).

What are differences between internal and external network pentesting?

To put it simply: in an external pentest, the penetration tester is a normal internet user with no other rights. In an internal pentest, the tester is virtually "in the company" and can access resources that are not accessible from the internet. As a rule, this means that the penetration tester is located in the company via VPN or directly.

How do you perform a network pentest?

Of course, this depends on the specific assignment. In general, the procedure corresponds to the standard process for a penetration test (briefing, execution, reporting).

Check out the in-depth article on external network penetration testing.

Check out the in-depth article on internal network penetration testing.

In both types of network penetration tests, the tester encounters various systems and cases:

Websites API CMS SSH and FTP servers Database servers Test/Dev/QA environments Shadow IT in the cloud Forgotten/outdated services Incomplete network segmentation Router Security cameras Interfaces for production facilities
Damian Strobel

"If you are in a company's internal network, you often have an easy game because internal security is unfortunately too often neglected."

Damian Strobel - Founder of DSecured

Your network is the backbone of your company. Protect it with a network penetration test from DSecured.

Some companies we have been able to help

Grab
PayPal
BMW
Goldman Sachs
Starbucks
ATT
TikTok
Hilton

Further questions and answers on the topic
"Network penetration testing"

How long does a standard network penetration test take?

Basically, it depends on the size of the scope and whether both internal and external networks are to be tested. A typical network penetration test takes between 1-2 weeks, but can take longer!

What types of vulnerabilities are typically identified in a network penetration test?

In a network penetration test, we focus on detecting vulnerabilities such as unsecured network protocols, configuration errors and vulnerabilities in the network infrastructure that could give attackers access. Detecting logins with weak passwords and unsecured network devices is also often part of (internal) network penetration tests.

How often should a network penetration test be carried out?

Networks change every day - especially in larger companies. In this respect, frequent network testing is important. Once a year would be the absolute minimum.

Can you provide real-time updates during a network security test?

That shouldn't be a problem - it's just important to record what exactly is to be shared in advance. Normally, these pentests generate a relatively large amount of data, which then needs to be analyzed.

How do I prepare my company for a network penetration test?

Network penetration tests - whether internal or external - are usually carried out in the production environment. It therefore makes sense to consider the times at which testing should take place. A presentation of the network structure and access data (if necessary) for the testers is also important.

What happens after the network security test is completed?

Our pentest report will be sent to you after the test has been completed. This includes a summary for management as well as technical details for your IT department. In addition, we offer a debriefing session to explain the report and discuss next steps.

Contact DSecured

Get a Network pentest offer