External Network
Penetration Testing

Security Simplified conducts external infrastructure penetration testing from an “anonymous” user perspective over the Internet. The methodology is derived from industry security standards that covers over 30,000+ security test cases. Security Simplified use a toolkit of open source and licensed version of tools for the assessment.

Security Simplified consultants perform both vulnerability scanning and manual penetration testing to exploit each network layer vulnerability. We use multiple tools and manual techniques to ensure the accuracy and maximum attack surface area coverage. We work with you closely to schedule the testing to ensure the availability of your environment is not impacted.

Our methodology is derived from the below standards:

  • Penetration Testing Execution Standard (PTES)
  • MITRE ATT&CK Framework
  • Open Source Security Testing Methodology Manual (OSSTMM)
Image
Image

Our Methodology

Information Gathering via Public Resources

Open-Source Intelligence

Subdomain Reconnaissance

Port Scanning & Service Fingerprinting

Vulnerability Scanning

Licensed & Open Source Tools

PTES, MITRE ATT&CK & OSSTMM Methodology

Automated & Manual Testing

Vulnerability Exploitation

Executive Summary

Finding, Risk Rating and Recommendation

Ongoing Support

Reporting

  • Executive summary for the management
  • Vulnerability dashboard for the project team
  • Technical report for the development team
  • Vulnerability description, root cause, impact and remediation steps
  • Reporting and risk rating matrix based on PTES, MITRE ATT&CK and OSSTMM standards

Want to work with us?

Do you need help finding information or want to know more about what Security Simplified services can do for you?

CONTACT US

Copyright @2022 Security Simplified Limited