Infrastructure Testing

Let Pentest People measure your security posture through Infrastructure Penetration Testing to allow you to manage the identified issues.

Get in Touch

Explore More

Infrastructure Testing

Pentest People offer consultant-led Penetration Testing services to provide a thorough and independent examination of your corporate infrastructure and systems. Therefore allows us to identify software and configuration critical infrastructure security vulnerabilities.

There are two components to delivering our Infrastructure Penetration Testing service. These are Internal and External assessments. It is commonplace to combine these into a single Penetration Test that covers both the internal and external components of the network.

If you’re interested in learning more about Penetration Tests before your view this service why not take a look at our breakdown in a recent blog: What is a Penetration Test?

Download & view our digital Infrastructure Penetration Testing Data Sheet>>

Listen to one of our Infrastructure expert’s breakdown of this Pentest People Service

If you’re hard of hearing there is a transcript at the bottom of this page

Infrastructure Testing can be performed Internally within your corporate network or Externally over the Internet


Internal Penetration Test

Our Internal Infrastructure Penetration Testing service is performed by a qualified Pentest People Infrastructure security consultant who is onsite within your corporate network.

This type of Internal Penetration Testing looks for security issues and vulnerabilities on the inside of your corporate network. For instance, someone with the same physical access as a member of staff or other types of employee who has access to the building.

This Infrastructure Penetration Testing Assessment provides a very comprehensive view of the configuration of your corporate network devices and servers, from a security viewpoint of an insider, connected to your network.

Find out more


External Penetration Test

Our External Penetration Testing service is performed by a Pentest People Infrastructure security consultant whilst remote from your corporate network.

This type of assessment is concerned with assessing the external, Internet-facing infrastructure of your corporate network. This could be your Firewall, VPN endpoints, Web Servers, Mail Servers etc.

The level of access to these resources would be the same as an external hacker trying to break into your corporate environment. Therefore providing you with a real risk indicator as to your external security posture.

Find out more

Remote Internal Testing

Traditionally, Infrastructure Penetration Tests have been conducted onsite where a Pentest People Consultant would visit your office and physically connect to the network infrastructure to perform the assessment.

However, with the issues faced around the Coronavirus situation, Pentest People have released SecureGateway, a technology-led alternative to having a consultant visit site.

Pentest People are offering a Remote Infrastructure Penetration Test where the whole engagement is performed without the need to visit the customer site.

The client can either download a Virtual Machine image that can be installed within the corporate network or be shipped a standalone network appliance

Both solutions create a secure channel to the Pentest People Operations Centre where the assigned consultant can then command the image or appliance in the same way as they would if they had their laptop on site.

All data collected during the test is held securely at our ISO27001 Operations Centre allowing the consultant to perform the assessment and upload the results to SecurePortal for delivery to the customer.

Find Out More

What Are The Risks?

IT Security and the associated terminology is a mainstream issue for all businesses due to the reliance business places on its IT systems combined with the prevalence of attacks.

IT Security issues have become commonplace in today’s society with almost weekly coverage in the news regarding the latest data breaches. With the larger attacks attracting substantial financial penalties.

Various forms of compliance exist that mandate regular Penetration Testing as a required standard and the risks of not doing anything are widely publicised.

How Can Our Infrastructure Penetration Testing Service Help?

Pentest People can help alleviate the risks associated with IT Security issues by performing regular Internal and External security assessments of your corporate infrastructure. Allowing us to identify if any issues exist and to give you the ability to remediate these before an attacker could exploit them.

Pentest People are accredited to CREST and UK NCSC CHECK standards and can provide infrastructure penetration testing against all types of IT infrastructure used within your organisation

The service would be delivered as part of the Pentest People Penetration Testing as a Service (PTaaS) and full access to the SecurePortal and other complementary tools would be provided.

Find out more

Infrastructure Testing allows
access to SecurePortal


Digital Report

Until now, the traditional deliverable from a Penetration Testing engagement has been a lengthy 100+ page PDF report.

Pentest People have developed a solution to this issue where you interact with your vulnerabilities within the SecurePortal.


Vulnerability Data

Constantly updating Vulnerability Information to stay in touch with the emerging threat landscape.

Receive overview and trend data of all of the current security issues you face in your organisation. All are viewable on an interactive dashboard.


Skilled Consultants

Rest assured that your Infrastructure Testing assessments are performed by qualified Security Consultants.

Our specialised team of security consultants hold industry qualifications such as CHECK Team Member & Team LeaderCCIE, CISSP and CEH.

Infrastructure Video Transcript

Our Infrastructure Testing service consists of four penetration tests, followed by a comprehensive report cataloguing all the vulnerabilities found during the assessment. Before you receive the report, there’ll be an opportunity to discuss the vulnerabilities found in a bit more context, and any mitigations that you’ve already got in place to accurately assess the severity of the vulnerabilities. Within our suite of infrastructure testing services.

There are two main types of tests, external and internal infrastructure assessment. Our external infrastructure testing service is to identify vulnerabilities in externally facing services such as VPN login pages, and websites. These are often targeted by hackers to get an initial foothold. Our internal infrastructure assessment assumes that a breach of the network has already taken place and it aims to identify the top level of access an unauthorised user is going to be able to obtain in Active Directory environments. This is often a domain admin or enterprise admin account, as this represents the highest level of access to network resources on computers.

Our infrastructure testing methodology consists of both manual testing and automated vulnerability scanning for external infrastructure assessments. We start with vulnerability scans, service detection, and open source intelligence gathering.

Following the remediation advice, we provide in the report will help your business improve its cybersecurity.

Key Benefits

Understand the Internal and External security issues you face through a very thorough assessment from a qualified security consultant.

  • Identify Security Vulnerabilities within your organisation allowing you to proactively remediate any issues that arise
  • Improve your security posture, allowing you to reduce the threat of a cyber attack occurring against your business
  • Comply with various regulatory bodies who mandate regular Penetration Testing be performed within your infrastructure
  • Be able to prove to your supply chain that you are taking the necessary precautions to ensure your strong security posture
  • Be able to focus efforts on important security issues by identifying the high-risk items identified in the Penetration Testing report

Asked Questions
About Our Infrastructure Penetration Testing Services

An Internal Penetration Test is where a consultant would be placed within your corporate environment and connected to your internal network looking for security issues from the inside. An External Penetration Test is where a consultant looks for security issues from the outside of your network, generally over the public Internet.

A Vulnerability Scan is performed by a software tool that scans the network and checks available services for known vulnerabilities. A Penetration Test takes this one step further and uses a consultant to check for vulnerabilities that an automated scanner cannot find as well as to manually confirm any identified vulnerabilities.

The deliverable from this service is a full Penetration Test Report that is uploaded to our SecurePortal and available for you to interact with. This differs from the competition in the way this is delivered and we believe this is a much clearer way to work with an manage the results of the assessment.

Download our Penetration
Testing Data Sheet

Penetration Testing