External Penetration Testing

  • Home
  • External Penetration Testing
External Penetration Testing

An external penetration test emulates the role of an attacker attempting to gain access to an internal network without internal resources or inside knowledge. A TCM Security engineer attempts to gather sensitive information through open-source intelligence (OSINT), including employee information, historical breached passwords, and more that can be leveraged against external systems to gain internal network access. The engineer also performs scanning and enumeration to identify potential vulnerabilities in hopes of exploitation.

Our Methodology

All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.

Planning – Customer goals are gathered and rules of engagement obtained.
Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.

 

Contact Us

See How We Can Secure Your Assets

Let’s talk about how TCM Security can solve your cybersecurity needs.  Give us a call, send us an e-mail, or fill out the contact form below to get started.

tel: (877) 311-2011  |     email: info@tcm-sec.com