
External Penetration Testing



What is an External Network Penetration Test?

If you’re seeking a penetration test (pen test), the first question you’ll need to answer is, what kind?

Just as cybersecurity threats come in many different forms, so do pen tests. But which form do you need? Do you need more than one?

If you’re not sure, don’t worry. IDEL Team performs 20+ pen tests a year of varying types, so we’re proficient in administering a diverse suite of these services.

What is the Purpose of an External Network Penetration Test?

When contemplating the definition of “penetration test,” the external variety might come closest to a direct translation.

An external network pen test is designed to discover and exploit vulnerabilities in hosts accessible via the Internet. Your pen test team acts as an attacker on the open Internet and attempts to breach your web-facing assets by identifying vulnerabilities and misconfigurations.

Using techniques such as port scans, vulnerability scans, reviews of weak or default configurations, and manual attempts to exploit any vulnerability identified on the in-scope hosts, your pen test team will push through wherever they can in order to gain access to your supporting infrastructure or services.

But that’s the extent of it. If a high-risk issue has been identified, your pen test team should document the steps to reproduce the issue with supporting screenshots when they provide you with a status update. If they do happen to gain access to the internal network, no further action is taken to pivot deeper. You’re left with a list of findings that need remediation.

Where to Start for Your External Network Penetration Test

Knowing all that, it’s possible you’re interested in understanding where your outward defenses may need shoring up. But where would you start? With the scope of what you’d like tested. Two different assessment types are commonly requested:

  • Shared Knowledge (Grey Box) Assessment
    • You provide a list of hosts (public IP addresses or domains), and your tester tests only against those approved in-scope hosts.
    • This is Schellman’s recommended approach.
  • Zero Knowledge (Black Box) Assessment
    • Rather than working from a list you provide, your tester performs their own recon to discover all Internet-facing assets. They then give you a list of the discovered hosts, which you need to approve before any testing starts.
    • This method takes more time, as you’ll still need to verify that the hosts identified belong to your company before active testing can begin.

Again, it’s our opinion that a Grey Box assessment provides better value in time and overall results, but you should understand both options just in case.

Though approved hosts for testing are ultimately up to you, we do not suggest you restrict your scope or exclude hosts from any type of pen test.
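
The scope check that both assessment types rely on, written here as an added Python example (not code from this page or its authors): it sorts discovered hosts into those the client has already approved and those still awaiting approval. The function names, the `*.` wildcard convention and the sample hosts are assumptions made for the illustration.

```python
import ipaddress

def parse_scope(entries):
    """Split client-approved entries into networks, exact hostnames, wildcard suffixes."""
    networks, exact, suffixes = [], set(), []
    for raw in entries:
        entry = raw.strip().lower().rstrip(".")
        try:
            # A bare IP becomes a /32 (or /128); CIDR blocks are kept as given.
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            if entry.startswith("*."):
                suffixes.append(entry[1:])  # "*.example.test" -> ".example.test"
            else:
                exact.add(entry)
    return networks, exact, suffixes

def in_scope(target, scope):
    """True only if the target matches an approved entry; no DNS lookups are done."""
    networks, exact, suffixes = scope
    host = target.strip().lower().rstrip(".")
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Hostname: an approved name does not approve its subdomains unless
        # the client listed a wildcard entry (assumed convention).
        return host in exact or any(host.endswith(s) for s in suffixes)
    return any(addr in net for net in networks)

def triage(discovered, approved_entries):
    """Bucket discovered hosts: approved for testing, or held for client approval."""
    scope = parse_scope(approved_entries)
    result = {"approved": [], "needs_client_approval": []}
    for host in discovered:
        key = "approved" if in_scope(host, scope) else "needs_client_approval"
        result[key].append(host)
    return result

# Constructed sample data (documentation IP ranges and reserved .test names).
APPROVED = ["198.51.100.0/24", "203.0.113.10", "www.example.test", "*.shop.example.test"]
DISCOVERED = ["198.51.100.77", "203.0.113.11", "www.example.test", "dev.example.test",
              "api.shop.example.test", "shop.example.test.", "evilshop.example.test"]

if __name__ == "__main__":
    for bucket, hosts in triage(DISCOVERED, APPROVED).items():
        print(bucket, hosts)
```

Anything in `needs_client_approval` goes back to the client for ownership verification before active testing, which is the extra step that makes the Black Box approach slower.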
