INTERNAL NETWORK PENETRATION TESTING
Know your unknowns to assess, quantify the infrastructure vulnerabilities and prepare a risk mitigation approach meant to reduce attack surface.
What is an internal network penetration test?
Internal network penetration test simulates an insider attack on organisational applications, systems and data. This insider could be an employee, contractor or partner who has access to the internal network.
“Internal” pen tests are also known as “Internal Infrastructure” or “Internal Network” penetration tests. This exercise in other terms establishes the true picture of an organisations’ risk posture. It helps CTOs/CISOs assess cultural practices around information storage, secure hardening, patch management, passwords analysis, active directory group policy, network equipment hardening and many more elements.
This is your assurance exercise to establish a secure and robust infrastructure for your organisation.
Internal pen test methodology
01. Initial Scoping & Objectives
Our network penetration testing experts work with you to define the assets in scope covering primary security concerns and any regulatory requirements. Specific assessments defined against certain targets are defined under ‘white box’, ‘black box’ or ‘grey box’ methodologies to define test cases before starting the assessment.
04. lateral movement & exploitation
Initial foothold is gained by exploiting weaknesses identified in the previous phase. Privilege escalation attempts and lateral movement actions are carried out to infiltrate into the internal network(s). Further vulnerabilities are exploited in a safe manner to measure the extent of exploitation, leading up to domain administrator account compromise.
02. reconnaissance & intelligence gathering
Reconnaissance phase works with the single objective – information gathering and analysis to provide relevant information for later stages. Based on project scope, intelligence gathering is mostly infrastructure related (e.g., network layouts, domains, servers, infrastructure details) unless it is a red team pentesting where personnel are in scope.
05. data analysis & reporting
This includes analysis on the test output, evaluation of the risk impact and attack likelihood before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels.
03. active scanning & vulnerability analysis
Using manual approaches and penetration testing tools, our security experts identify security weaknesses and prepare an attack layout to target vulnerable systems.
06. debrief & support
Our engagement process includes delivering a free of charge debrief to management and technical teams. This session involves help to prepare a remediation plan and Q&A to ensure that customer contacts are up to date. Cyphere also provide a remediation consultancy where we define and execute the risk mitigation plan.
More than 'report and run' consultancy
Vulnerabilities discovered by our internal penetration testing service
Frequently Asked Questions about Internal Network Penetration Testing
An internal penetration test is aimed at internal network from an insider attacker perspective i.e. an employee, contractor or a partner. An external pen test is aimed at internet exposed devices and/or systems only simulating a threat actor on the internet (unauthenticated).
Internal penetration tests can be scoped based on the requirements. For instance, if an organisation has never opted for network wide assessment and is aiming to improve security, it makes a business sense to assess the gaps and perform risk remediation to set internal benchmarks. If an organisation holds maturity in its security processes, targeted assignments are scoped such as network segmentation, specific internal security testing projects.
A thorough internal network penetration test measures the information security culture at ground level. This includes password cracking & analysis, patching audit, grou policy security, active directory design and architecture risks, encryption configuration, authentication, authorisation, information storage practices and network device hardening.
Where multiple physical sites and network segregations are a challenge remotely, onsite assessment is preferred. With post covid19 measures, we utilise a number of methods (SSL VPN, VM deployment or shipping hardware to client site) to carry out remote penetration testing of internal networks.
Communication plays an important role during security assessments. We explicitly request a list of fragile components during proposal and project initiation meetings. Low level attacks, Denial of Service attacks are explicitly deemed out of scope for all assessments.
Cyphere’s internal pen test reports are world class deliverables containing raw data to support proof of concept and risk remediation measures.
Risk remediation is sometimes a complex process due to the specialist security skill-set needed for IT teams. As part of our aftercare support, we provide help in preparing remediation plan to all our customers.
Optionally, we provide remediation consultancy to ensure all agreed findings are mitigated in line with best network security practices.
Benefits of Internal Penetration Testing
A secure infrastructure provides safe, secure environment
Infrastructure Penetration Testing Methodology
In order to perform an infrastructure security assessment, it is important to understand the context of assets in scope for the engagement. Our proven approach to network security assessments is based on more than a decade of experience, industry practices and effective ways to exceed customer expectations.
Cyphere’s pentesting engagement lifecycle methodology is broken down into five phases as demonstrated in the penetration testing methodology diagram.
- Initial Scoping & Objectives Agreement
- Remediation (Optional remediation consultancy to help mitigate risks identified during penetration testing)
Infrastructure Pen Test Approach
Recent Blog Entries
Read about the definition of cyber security architecture, it’s meaning, elements, purpose and benefits of usage. Discover how good architectural processes are pillars of strength for data protection.
Read best practices around vulnerability scanning frequency and which factors help you decide how often a scan should be fun.
Discover the most common types of cyber attacks affecting businesses worldwide. It also includes a look at cyber threats and attack vectors.
Discover the basics around SMB protocol, port 445 and 139 and differences. Read about whether SMB is secure and how to protect against dangerous attacks.