Such assessment answers the question "How easy is it to hack into the company from the Internet?”.
The scope of this test includes all infrastructures that are accessible from the Internet such as, web, mail, FTP servers, routers, and firewalls. The result of the test is a list of security problems discovered in the Internet-facing systems arranged in order of severity and recommendations of fixing those problems.
To start the test, we require a list of network blocks or IP addresses provided by the customer.
We scan the specified networks and identify accessible hosts. The list of hosts we have found is given to the customer to approve. This is done to avoid testing systems that do not belong to the customer and to avoid attacking critical systems that the customer does not want to be tested.
we proceed by scanning each system to determine its purpose, OS and services that are visible from the Internet.
We look for bugs and misconfigurations with a security impact in each host and service.
If a problem is detected, then we manually verify it by attempting to exploit it, which might have an impact on the server.
To start this service we have first to sign a contract to secure the customer against any violation from our side and agree upon the exact date and time of the test.. Please ask for a free assessment & the contract.