Infrastructure Penetration Testing
Infrastructure Penetration Testing is important for organisations of all sizes. The traditional style of penetration testing has done the job for many years but it is time for change. Hedgehog delivers CREST Defensible Penetration Testing as standard. Our Infrastructure penetration tests are well structured, with thorough scopes. Our testing meets the tests of external auditors as a true, exact penetration test.
Penetration Testing Process
Scope: Every infrastructure penetration testing engagement starts with a scope. The scope is built by our most senior testers. These testers are CISSP, OSCP and CREST CRT qualified. The agreed scope is then turned into a worksheet and assigned to one of our three pentest teams.
Test: Each team is led by a seasoned team leader. It is their job deliver a complete test and ensure that all 422 infrastructure testing checks have been completed.
Signoff: Once testing is completed, the report and all of the test data is reviewed by our CISO for signoff. Once it is signed off, it is delivered by our secure testing portal.
Parts of an Infrastructure Penetration Test
There are two components to delivering our Penetration Testing service, Internal and External assessments. It is commonplace to combine these into a single Penetration Test that covers both the internal and external components of the network.