	RISK COMPLIANCE SECURITY
Solutions CorrelatedVM™ DEA EPCS Education Energy Financial Healthcare Mobile Retail Technology Services Services Overview Strategic Security Services Vulnerability Management Risk Analysis PCI DSS / PA-DSS IT Audit Healthcare / DEA EPCS Application Security Network/Infrastructure Security Penetration Testing News NetSPI In The News Events Press Releases Resources White Papers Case Studies Presentations Webinars Company Why NetSPI Management Our Approach Certifications Partners Careers Contact Blog

Services

Network Penetration Testing

Internal Network Penetration Test

Understanding internal network attack vectors and their likelihood of success is equally important as perimeter security. Today most Advanced Persistent Threats (APT) are delivered via phishing emails and cross-site scripting attacks that provide threat agents with direct access to the internal network. During Internal Network Penetration Testing, NetSPI's qualified penetration testers will attempt to gain unauthorized access to internal systems, applications, and sensitive information. After gaining initial access, NetSPI will attempt to escalate privileges on the network, verify access to critical systems, and identify additional information resources that may be exposed. NetSPI will also attempt to identify common widespread issues such as database links configured with excessive privileges, shared service accounts, and the storage of clear text passwords. Finally, NetSPI will work with clients to create project specific objectives to help them meet compliance and internal goals. Overall this approach will help provide a more comprehensive understanding of the current internal network security posture.

External Network Penetration Test

Understanding external network attack vectors and their likelihood of success is critically important. Countless bots, worms, and hackers attack Internet accessible systems twenty-four hours a day, seven days a week. Perimeter security is the first line of defense, and should be hardened accordingly. During External Network Penetration Testing, NetSPI's qualified penetration testers will attempt to gain unauthorized access to external systems, applications, and sensitive information. After gaining initial access, NetSPI will attempt to escalate privileges on the internal network, verify access to critical systems, and identify additional information resources that may be exposed. NetSPI will also attempt to identify common widespread issues such as cross-site scripting, shared service accounts, and the SQL Injection. Finally, NetSPI will work with clients to create project specific objectives to help them meet compliance and internal goals. Overall this approach will help provide a more comprehensive understanding of the current external network security posture.

PCI Penetration Test

PCI network penetration tests follow a similar approach to the standard NetSPI internal and external penetration tests. However, they take into consideration the required scope, appropriate sample sizes, and reporting requirements outlined in the PCI 11.3 requirement and supplement.

Why Choose NetSPI

Read about NetSPI's unique combination of advantages.

Contact NetSPI

NetSPI's Assessment Services

NetSPI offers a unique approach to assessment services. First, we make extensive use of multiple best-of-breed software tools. Second, we combine that automated testing with manual testing by our expert consultants who also have development experience. Third, we use our own CorrelatedVM™ engine to correlate test results and eliminate false positives. This automated tool allows us to do more testing upfront, since it allows for rapid sifting of the results. Finally, our work is managed by project managers who use proven processes and quality controls to produce high-value, actionable recommendations.