Remote Working Penetration Testing helps Identify Remote Working Weaknesses
Our Remote Working penetration testing service is a CREST approved, regulated, full-scope, multi-layered attack simulation, orchestrated from the perspective of a malicious threat actor, designed to measure how prepared your infrastructure, applications, people, processes and technologies can defend and withstand an attack from a real-life adversary, while uncovering potential risks and security vulnerabilities.
Penetration Testing is important for organisations of all sizes and the traditional style of penetration testing has done the job for many years. Now, however, a well structured and scoped penetration test needs to me more than a simple point in time test.
Remote Working Penetration Testing
There are a variety of technical solutions on the market allowing remote workers to access corporate resources from any location. These include site-to-site and client-based virtual private networks (VPNs), remote email access portals, and document shares to name just a few. They allow business as usual activities to continue when employees cannot work from the office. However, with so many different remote working solutions and possible configurations, there is the risk of a software or configuration issue introducing a vulnerability that could be exploited by a remote attacker.
How Remote Working Penetration Testing Helps
If an attacker identifies an exploitable vulnerability in your remote working solution, they may be able to access corporate data such as documents and emails.
If your solution provides remote access to the office local network, then the attacker could gain a foothold from which to attack internal servers, workstations, and infrastructure devices.
As part of our Remote Working Security assessment service, we use industry-leading techniques to assess the security of your remote working solution following a defence in depth approach, identifying the available public facing attack surface, authentication control weaknesses, segmentation issues, and any configuration vulnerabilities that could allow a user to escalate privileges.
Penetration Testing can be performed Internally within your corporate network or Externally over the Internet
Remote Penetration Testing
Traditionally, Penetration Tests have been conducted onsite where a our consultant would visit your office and physically connect to the network infrastructure to perform the assessment. With the issues faced around the Coronavirus situation, we have released our client portal, a technology-led alternative to having a consultant visit site.
We are offering a Remote Penetration Test where the whole engagement is performed without the need to visit the customer site. You can either download a Virtual Machine image that can be installed within the corporate network or be shipped a standalone network appliance.
Both solutions create a secure channel to the Hedgehog Security Operations Centre where the assigned consultant can then command the image or appliance in the same way as they would if they had their laptop on site.
All data collected during the test is held securely at our ISO27001 Operations Centre allowing the consultant to perform the assessment and upload the results to the client portal.
Hedgehog Security places great emphasis on the quality, reliability, and security of the services it offers. We are fully regulated by CREST, the Council for Regitered Ethical Security Testers and are authorised to deliver Cyber Security Consulting along with Penetration Testing, Vulnerability Scanning and IT Health Checks.
Get in Touch
Kindly fill the form and we will get back to you.