Internal infrastructure

Internal infrastructure refers to all systems connected to a company’s network. The assumption that no outsider will reach the internal network is, unfortunately, often false. Through phishing attacks or physical on-site access, outsiders can gain access to the internal network faster than you might think. We investigate what an attacker could achieve within the internal network. This includes checking connected cloud infrastructure, WLANs, and employee laptops.

Why Internal Infrastructure Pentests?


Our main reasons for internal infrastructure pentests:

  • Attackers gain internal access faster than one might think, for example through phishing attacks, zero-days, or physical on-site access such as open doors (Defense in Depth)
  • High attack potential due to a multitude of systems with various security requirements (production/OT, database servers, office network, …)
  • Ability to assess and reduce the risk of an attack and of its rapid spread

 

When to Conduct Internal Infrastructure Pentests

In our view, the best times are:

  • As a starting point to address the security of your internal network
  • During infrastructure changes
  • Regularly, to test vulnerabilities against new attack methods

 

Results


Typical pentest results are:

  • How easily attackers can spread and which vulnerabilities they could exploit, both starting from a network connection (as with physical on-site access) and starting from a laptop (as after a successful phishing attack)
  • Vulnerabilities in systems and user management, such as Active Directory (AD)
  • Statement on the security level of the internal infrastructure

 

What we need from you

For an internal infrastructure pentest, we require the following from you:

  • Access to a standard workstation (laptop/virtual) within your internal infrastructure:
    • Option 1: Via a laptop with VPN that you send to us (remote)
    • Option 2: Via VPN to a virtual client (remote)
    • Option 3: On-site using one of your laptops (travel costs apply)
  • Access to a Linux system that we control:
    • Option 1: Provide/integrate a VM with Kali Linux (remote)
    • Option 2: Connect our MindBytes box to your network (remote)
    • Option 3: On-site, we may need activation for our test laptops
  • A standard user account, like that of someone working in the office
  • If a laptop check is included: a standard workstation (laptop/virtual)
  • If a WLAN check is included: names of the WLAN SSIDs and, if applicable, WLAN passwords (Pre-Shared Key)

 
