Internal Infrastructure

An Internal Infrastructure Penetration Test involves simulating an insider attack to evaluate the security of your internal network and systems. This assessment identifies vulnerabilities such as misconfigurations, weak passwords, and access control issues, including attack chaining and pivoting to attempt to compromise the domain. Providing a detailed report with findings and recommendations to strengthen your internal defences against potential internal threats.

Workstation and Server Build Reviews involve assessing the security configurations of your workstations and servers against industry benchmarks and best practices. This assessment identifies misconfigurations, vulnerabilities, and compliance gaps. Providing a detailed report with findings and recommendations to ensure your systems are securely configured and aligned with industry best practices.

Content security reviews allow you to test Data Loss Prevention (DLP) technical controls and content moderation are working as expected.

A Wireless Security Assessment involves evaluating the security of your wireless networks to identify vulnerabilities and potential entry points for attackers. This assessment includes testing for weak encryption, unauthorised access points, and misconfigurations. Providing a detailed report with findings and recommendations to strengthen your wireless network security.

An Active Directory Security Review involves thoroughly assessing your Active Directory environment to identify security weaknesses and misconfigurations. This assessment includes Password analysis, evaluating user permissions, group policies, authentication methods, and other critical settings. Providing a detailed report with findings and recommendations to enhance the security and integrity of your Active Directory infrastructure.

Desktop Breakouts involve assessing the security configurations and gain an insight into how a malicious user could abuse the system to attempt to escape the controlled environment or escalate privileges.

A Mobile MDM (Mobile Device Management) Review involves evaluating the security and management of mobile devices within your organisation, guided by NCSC (National Cyber Security Centre) guidelines. This assessment checks compliance with best practices for device configuration, data protection, application management, and access controls.

A Credentialed or Authenticated Scan involves using valid login credentials to perform a thorough scan of systems from the perspective of an authenticated user. This type of scan provides deeper visibility into the internal environment, allowing the tester to identify vulnerabilities such as missing patches, misconfigurations, or weak security settings that may not be visible from an external or unauthenticated scan.