EXTERNAL NETWORK PENETRATION TESTING
CHECKING YOUR NETWORK SECURITY
Using target IP address ranges you provide, WavePort Security will use network scanning tools to identify which specific IP addresses are in use and the operating system and type of device using each address. We will then conduct further scans to identify TCP and UDP ports open on the system and the services listening on those ports. We will also map the topology of the target network.
WavePort Security will then proceed to search identified systems and services for known vulnerabilities and misconfigurations. Web servers in scope of the assessment will be examined to identify “off-the-shelf” (non-custom) web applications with known vulnerabilities. We will also perform manual testing of identified services and non-custom web applications.
With your approval, WavePort Security will proceed to exploit identified vulnerabilities to validate the presence and impact of the issues. We will attempt to use compromised systems and services to exploit other systems in your network to test the depth of network defenses.