During an Internal Attack & Penetration Test, Secmentis consultants simulate the "insider threat" (e.g. a disgruntled employee or business partner) by employing the same tools, methods and tactics used by the bad guys to breach the internal network and IT systems of your organization.
The goal is to identify your internal vulnerabilities ahead of time and advise you on how to fix them, before a real insider threat incident occurs. During an internal penetration test, we attempt to gain access to as many of your critical internal systems as possible.
Secmentis Internal Penetration Test services are available internationally and can be provided remotely. We provide Internal Penetration Tests worldwide in the Americas, Asia & Pacific, Europe, and Middle East & Africa regions.
Our Internal Penetration Tests are conducted from the perspective of an internal, malicious insider. We methodically follow these steps:
Note: Our penetration tests begin only after you have given us explicit and signed authorization.
Secmentis will provide you with a report which includes the following deliverables at the end of our testing:
Can you confidently answer "Yes!" to the following?
We provide peace of mind by putting these fears and assumptions to the test.
Who could attempt to hack your organization?
Which vulnerabilities does our Internal Penetration Test cover?
Which IT assets does our Internal Penetration Test cover?
Malicious or disgruntled employees are the most common insider threats. They seek to either cause damage or steal your secrets.
They target: (a) Trade and Corporate secrets, (b) Personal information, (c) Business plans, and (d) Customer information.
It's possible that some customers may have malicious intent and are looking to extract information. On the other hand, organized cyber criminals may target your organization through your customers.
They target: (a) Employee personal information, (b) Sensitive business information, and (c) Trade secrets.
It may be possible that cyber criminals are attacking your organization through your trusted vendors.
They target: (a) Personal information, (b) Sensitive business information, (c) Trade and Corporate secrets.
Ex-employees already have insider information and know how your business works. They may seek to cause brand damage or steal secrets.
They target: (a) Key people and employee information (e.g. emails), (b) Sensitive business information, and (c) Trade and Corporate secrets.
Be proactive by contacting us to find out how we can help
Our Internal Penetration Tests are tailor-made for your organization and cover your specific internal IT assets.
We attempt to breach employee-facing web servers and websites belonging to your organization (e.g. Apache HTTP Server, Nginx, IIS, internal web portals, intranet sites, etc.).
We attempt to penetrate employee-facing application servers belonging to your organization (e.g. Oracle, Apache Tomcat, etc.)
We attempt to breach employee-facing database servers belonging to your organization (e.g. MySQL, PostgreSQL, Oracle, Microsoft SQL Server, etc.)
We attempt to infiltrate employee-facing network routers belonging to your organization to gain unauthorized access.
We attempt to penetrate employee-facing network firewalls belonging to your organization.
We attempt to breach employee-facing file servers belonging to your organization (e.g. FTP servers, SFTP servers, NFS servers, SMB/CIF servers, Microsoft SharePoint servers, etc.)
(source: CSO & Accenture)
Our Internal Penetration Tests cover the industry-agreed most critical internal network and software vulnerabilities.
Let Secmentis find your vulnerabilities first. Contact us today to get started
“I will definitely contact them again in the future, and recommend Secmentis to everyone who is in need of their services. Thank you for professional and fast work. I really appreciate it!”
Director, (undisclosed) Internet company
“The Secmentis team was very professional in their communications and testing approach, and the penetration testing was very thorough. We were very happy with the report, and found the report to be very well written and very detailed. Secmentis did a great job and delivered the engagement quickly and effectively.”
Director, (undisclosed) Insurance company
“We were extremely pleased with Secmentis’ work on the penetration testing engagements. The reports created by Secmentis were very helpful and of very high quality.”
Director, (undisclosed) Social Media company
Talk to us today to find out how our experts can best help you