services mesh background
services mesh background

Network and Infrastructure Penetration Testing

Identify and address security vulnerabilities in your ICT network and infrastructure with CREST-approved penetration testing.

Best Cyber Security Company 2021

Best Cyber Security Company 2021

Best Cyber Security Company 2022

Best Cyber Security Company 2022

Crest Accreditation

What is a network and infrastructure pentest?

Network and infrastructure penetration testing detects vulnerabilities in an ICT network or infrastructure. It looks at different entry points into the system and uses them to determine how cyber attackers can exploit them. As the world increasingly moves online, the risk of your systems and data being breached or compromised increases. Network and infrastructure penetration testing is essential to find and fix any weaknesses in your systems before a cyber incident occurs.

During a network and infrastructure assessment, our consultants will conduct a simulated attack scenario mimicking attacks carried out in the wild. These can generally be broken into two forms, an internal network assessment and an external infrastructure assessment.

What is an internal network assessment?

Internal assessments are conducted within your network perimeter. They aim to uncover what an attacker may achieve if they breach your external network’s defences and gain access to your internal network.

Internal network assessments can be designed to mimic the level of access someone may achieve by entering your premises and plugging into the network. They can also replicate the level of access granted to employees or be used to assess the damage of insider threats, such as rogue employees.

During an internal assessment, our highly experienced testers will seek to move laterally across a network, compromising machines along the way. They will try to escalate their privileges to effectively take over the network. Our consultants use tried and tested techniques alongside custom methods to achieve these goals, accurately mimicking the actions taken by real hackers. During this phase, typical activities include:

  • Finding insecure systems and services
  • Finding and exploiting software containing publicly disclosed vulnerabilities
  • Reviewing active directory permissions to find weaknesses that could enable the escalation of privileges
  • Compromising user accounts
  • Intercepting passwords in use on the network
  • Determining the controls in place to protect access to sensitive information

Benefits of internal network testing

Internal testing provides a comprehensive assessment of the ICT network within your network perimeter. It can accurately simulate the actions that may occur following a security breach. It provides valuable insight into how effective your defences are against potential attacks.

As the level of access granted is often equivalent to employee access levels or those visiting a building, it can provide meaningful insight into the risks posed by insider threats.

The main benefits of internal network testing include:

  • Gain a comprehensive review of the internal configuration of your network
  • Determine the impact of a potential breach on your business
  • Assess your existing defences and controls
  • Discover weaknesses that could be used during a breach or compromise
  • Gain insight into the risk posed by insider threats
  • Comply with regulatory requirements which mandate regular pentesting
  • Understand how attackers can move through your internal infrastructure and compromise essential services
  • Recommendations to reduce the risk in case of a breach

While internal assessments, historically, were completed on-site, due to the rise of remote working, it’s now often possible to complete these assessments remotely.

What is an external infrastructure assessment?

External assessments examine a network’s perimeter defences to identify and exploit weaknesses in the system from outside the organisation.

Our team will simulate an attack on the external and public-facing infrastructure. This may cover web and mail servers, virtual private networks (VPNs) and file servers.

We’ll scan your public network ranges for open ports, then analyse detailed information about those hosts to find potential weaknesses that may be exploited. This can include unpatched or outdated software, or weak login or security credentials. Once potential vulnerabilities are identified, our team will try to use them to gain access to the hosts and any data they hold.

Benefits of external infrastructure testing

Your external network perimeter is the first line of defence against attackers.

External testing focuses on identifying and exploiting weaknesses in your network’s publicly accessible infrastructure.

Without any credentials, our team will assess your network security posture and its configuration, simulating an attack by a real adversary.

The goal is to detect any misconfigurations and uncover the fundamental weaknesses hackers could use to gain access to your network or valuable data stored on your systems. The main benefits of external infrastructure testing include:

  • Assess systems at the edge of your network perimeter (such as web servers, file shares, mail servers etc.)
  • Assess the configuration of the network perimeter (such as VPNs and firewalls)
  • Discover publicly available information that attackers could leverage
  • Discover public-facing assets
  • Harden your external facing security posture
  • Detect vulnerabilities visible to attackers
  • Ensure regulatory compliance

Penetration test reporting

To maximise the value gained from a penetration test, it is essential to act upon the vulnerabilities identified during an engagement. Our penetration testing service provides a detailed technical report to assist you in making these important improvements.

Our technical penetration testing reports include:

  • A succinct Management Summary with key statistical information
  • A Technical Summary covering the most important considerations
  • Full technical details of every vulnerability discovered, including the assessed impact
  • Clear vulnerability weightings to aid in prioritising remediation
  • Detailed and practical guidance for technical remediation of each vulnerability

We understand that technical reports can be difficult to consume, so ours is tailored heavily on feedback from our valued customers. Furthermore, our consultants are always available to discuss questions you may have once you have received the report.

Types of penetration testing

As well as network and infrastructure pentests, our team provides the following penetration testing services:

Assesses your web applications and supporting components, such as APIs, for security vulnerabilities that may be exploited to compromise your application data and/or users. We use similar tools and techniques to legitimate threat actors.

Provides an in-depth review of your application’s security to ensure the data it processes is secure. We have vast experience assessing applications across iOS, Android and Windows, and mobile development frameworks such as React Native, Flutter and Xamarin.

Attempts to find misconfigurations that may expose your cloud systems and data to a malicious actor. It’s performed against environments hosted by a cloud service provider, such as Amazon Web Services (AWS), Google Cloud and Microsoft Azure.

Find out more about our full range of penetration testing services, providing a comprehensive portfolio of testing solutions for your IT systems, websites, applications and cloud infrastructure.

Get a quick quote

Contact Us

Why choose Sentrium?

Our experienced and CREST-certified penetration testing team ensures we offer the required level of expertise to provide an accurate and comprehensive network and infrastructure penetration testing service.

Our consultants will work closely with you to determine the most appropriate testing and clarify any questions you may have.

Our communication-focused client-first approach ensures that our consultants are always on hand to answer any questions you may have. We pride ourselves on establishing and building strong and collaborative long-term relationships with our clients.

Frequently Asked Questions

Once the scope and testing limitations have been agreed upon, our CREST-accredited pentester(s) use a standard methodology. Reconnaissance is the first phase, where information is gathered about the target environment. They will then fingerprint any applications, services and systems, gaining further insight for exploitation and potential lateral movement through the network.

Our highly skilled CREST-registered penetration testers simulate attacks on your ICT networks and infrastructure using the same tools and techniques as those employed by real-world malicious adversaries.

This depends on the agreed-upon scope of the penetration test. For example, factors that may affect how long a penetration test takes include the size of the network under review, whether it’s an internal or external network, and whether any pentesting is performed from an authenticated perspective.

Network environments are never static and are constantly changing. New software, hardware, users and authentication methods can all increase your network’s attack surface, creating more opportunities for hackers to exploit. When coupled with the continuous emergence of new vulnerabilities, there’s never been a better time to schedule a consultation with one of our consultants. Our skilled consultants have extensive knowledge of compliance and regulatory requirements, from Data Protection and GDPR to ISO27001 and PCI DSS and will be able to determine the network and infrastructure approach best suited to your needs.

This depends on the size of scope and how many days it will take to complete the penetration testing. Contact us for a quote where we can assist you with any requirements or questions you may have.

Our skilled pentesters follow strict guidelines in accordance with legal and technical standards to ensure minimal disruption to your business while a penetration test is performed.

CREST is an international not-for-profit accreditation and certification body representing and supporting the technical information security market.

Companies can become a CREST member and apply for CREST-accredited services. The application requires a rigorous assessment of companies’ processes, data security and service methodologies to ensure they’re executed to best practice standards.

Yes! Sentrium are a CREST-approved penetration testing provider. We’re proud to provide services that achieve CREST’s extremely high standard of quality and professionalism, which is recognised internationally.

Working with a CREST-approved penetration testing provider ensures you’re in safe and experienced hands. You should have the confidence that your penetration test is thorough and comprehensive. Your provider must conduct a technically accurate test that covers the required scope of your IT controls to ensure your primary security concerns are assessed.

Once the penetration test is complete, the pentester(s) assigned to the project will compile a detailed report containing the identified vulnerabilities, what risks they pose and recommendations on how to remediate them. Once we’ve delivered the report, our team will be available for a conference call to discuss the report in detail and answer any questions you may have.

Our clients

Adam and James have been great to work with. Very clear communication from start to finish making the process very easy to complete whilst taking the time to understand our needs and queries.

Director, Software as a Service (SaaS) Company

Sentrium has been incredibly helpful in reviewing and improving our cyber security efforts! Working with Adam has been a breeze from the start, as he always makes sure to keep in mind our budget and understanding of the subject matter. For us, cyber security went from being an enigma to something we can actually tackle with confidence!

Project Manager, Charity Sector

I’ve been impressed with the speed and quality of the services provided by Sentrium. Great communication and engagement with the team, and a very professional and flexible approach throughout. I’ll certainly be looking to use Sentrium again in the future!

Head of Technology Risk & Security, Financial Services

Get in touch with our experts to discuss your needs

Phone +44(0)1242 388634 or email [email protected]


    • Insights
    • Labs
    ISO 9001 and ISO 27001

    Sentrium Achieves ISO 9001 and ISO 27001 Certifications

    In an increasingly digital world, the importance of quality and security cannot be overstated. Sentrium Security Ltd is excited to share our recent achievement –…

    What are the different types of penetration testing?

    What are the different types of penetration testing?

    As digital business becomes more widespread, the need to ensure data security increases. One way to test its effectiveness is through penetration testing. Penetration tests…

    OWASP Global Image

    OWASP Top 10 2021 Released

    The Open Web Application Security Project (OWASP) is a not-for-profit organisation that aims, through community-led open-source projects, to improve the security of web-based software. OWASP…

    Using a CREST-Approved penetration testing provider

    What is CREST penetration testing and why is it important to use a CREST-approved provider?

    Trusting the effectiveness of your IT security controls is crucial to mitigate risks and malicious access to your systems and the information they store. Penetration…

    cloud computing technology concept transfer database to cloud. T

    How secure use of the cloud can digitally transform your business

    Companies that move towards digital transformation can innovate more quickly, scale efficiently and reduce risk by implementing cloud security best practices. Businesses must keep up…

    How to prepare your business for secure cloud migration

    How to prepare your business for secure cloud migration

    The cloud holds a lot of potential for organisations. Moving your IT environment to a secure cloud provides flexibility and agility. It allows your team…

    Application Security 101 – HTTP headers

    Application Security 101 – HTTP Headers Information Disclosure

    Server Header Information Disclosure The most common HTTP header that is enabled by default in most web servers is the ‘Server’ header, which can lead…

    SPF, DKIM, DMARC and BIMI for Email Security

    SPF, DKIM, DMARC and BIMI for Email Security

    Sender Policy Framework Sender Policy Framework (SPF) is a DNS TXT record that is added to a domain that tells email recipients which IP addresses…

    Terraform security best practices

    Terraform security best practices (2022)

    The following sections discuss our most important Terraform security best practices: The importance of Terraform State Terraform must keep track of the resources created. When…

    Security vulnerability in Follina exploit

    Preventing exploitation of the Follina vulnerability in MSDT

    The Follina Exploit A zero-click Remote Code Execution (RCE) vulnerability has started making the rounds which is leveraging functionality within applications such as Microsoft Word.…

    Application Security 101 – HTTP headers

    Application Security 101 – HTTP headers

    1. Strict-Transport-Security The HTTP Strict Transport Security (HSTS) header forces browsers and other agents to interact with web servers over the encrypted HTTPS protocol, which…

    Code, HTML, php web programming source code. Abstract code background - 3d rendering

    New Exchange RCE vulnerability actively exploited

    Exchange admins now have another exploit to deal with despite still reeling from a number of high profile attacks this year including ProxyLogon and ProxyShell.…