Network penetration test
Once in, all gone: How easy is it for hackers in your network?
Network penetration test
Our core business and passion: We check demand-orientated your systems and applications in the network, document the current status and show you where you can position yourself better.
What is the difference between a network penetration test and a vulnerability scan?
An automated vulnerability scan is a process in which a computer programme is used to automatically check a network or system for vulnerabilities.
In contrast, a manual penetration test involves an experienced security expert performing vulnerability tests manually using various techniques to identify potential vulnerabilities in a system or network.
A key difference between the two methods is that an automated vulnerability scan uses a computer programme to check the system, whereas a manual penetration test is carried out by a human expert. This means that a manual penetration test is usually more precise and comprehensive, as it is carried out by an experienced security expert who is able to recognise and assess complex threat scenarios.
Penetration test classification
There are various parameters that can be agreed before carrying out a penetration test. They all have their pros and cons.
Information basis
Realisation
- without prior knowledge (black box)
- with partial prior knowledge (grey box)
- with extensive prior knowledge (white box)
Scope
The scope describes the extent of the network penetration test. During the penetration test, we check your technical and organisational security measures, with a clear focus on the technical aspects. The scope defines exclusions and framework parameters that must be adhered to during the test - for example, network areas or components on which a special focus should be placed or which should not be considered during the analysis.
Aggressiveness
Should the penetration test rather
- Aggressive (thus possibly more time-saving)
- cautious
- Passive
- or weighing up
be carried out?
Scope
Should the penetration test complete, by factors such as budget limitedor focus on specific weak points focus?
Procedure
Should the penetration test be carried out obviously (extensive log entries are not a problem here, the defence lawyers are in the loop) or covertly?
Starting point
Should the test be carried out from outside, from the DMZ or from inside? Is a separate test network provided?
When does a Network PenTest make sense for my company?
- You want to gain practical knowledge about the security of your network and its components.
- You want to check whether the security solutions you are using, such as firewalls, are effective.
- You need concrete recommendations for possible safety measures.
- You want to fulfil the latest compliance standards and legal requirements.
The colleagues at Laokoon were on hand to answer any questions we had and provided uncomplicated support.
Team Leader Development