Your Basket
Cyber security for any size of business
CREST member company
Team of friendly certified experts

Remote Access & VPN Penetration Test

Remote Access & VPN Penetration Test

Remote working became a necessity in 2020 because of the COVID-19 pandemic. Every business implemented a level of remote working to keep the lights on. In a business environment that must now contend with both a pandemic and cybercrime. Due to the rise is cybercrime it is now more than ever imperitive to understand how secure your systems are. Despite this, allowing employees to work remotely offers businesses considerable benefits. In 2020 it allowed businesses to continue to function. Many companies that had previously not permitted remote working were now mandating it.

Why is it important

Remote access solutions, by their very definition, introduce gaps in the traditional model of IT security. That is their purpose. They can also leave the organisation's logical perimeter porous. These are the gaps that criminals seek out to exploit and could prove to be a significant vulnerability.

Through penetration testing, you can learn where the gaps, weaknesses and holes in the current remote access solution exist. 

Our Remote Access Penetration Testing service will help you to:

  • Get a real-world insight into your vulnerabilities and configuration weaknesses;
  • Identify the most likely path for an attack;
  • Highlight any places where the target systems could be leaking sensitive data;
  • Implement better and stronger authentication and session management controls; and
  • Significantly improve access control.

What the test entails

Our CREST certified penetration tester shall conduct an unauthenticated test of your externally facing remote access solutions.

Your remote access solution may be technologies such as Citrix, Terminal Services, Remote Desktop Services, or traditional VPN's. 

Our testers use a combination of web application and infrastructure tests to identify any vulnerabilities and security weaknesses within the target systems.

Your penetration tester will:

  • Review the target environment to assess your network and identify information that would be useful to a hacker;
  • Carry out a series of automated vulnerability scans;
  • Perform a range of manual tests using a methodology closely aligned with the OSSTMM (Open Source Security Testing Methodology Manual);
  • Immediately notify you of any critical vulnerabilities to help you act quickly;
  • Produce a detailed report that identifies and explains the vulnerabilities, ranked in order of significance;
  • Make recommendations on countermeasures to address any identified vulnerabilities; and
  • Provide an executive summary that explains what the risks mean in business terms.


Our Remote Access Penetration Testing package applies to any business or organisation. It allows for testing of two external IP addresses used for remote access solutions. The service is provided remotely and is suitable for organisations in any sector or industry. 


The testing will take half a day. The test windows will be arranged to minimise the impact. Out of hours testing is an option, at extra cost.

COVID-19: remote delivery options

We want to reassure our clients that all our services remain fully operational during the current COVID-19 situation. Hedgehog fully embraces flexible and remote working. We adjust our delivery methods to provide consultancy services, penetration tests, and training remotely where necessary. 


Why choose Hedgehog

We only use experienced penetration testers to carried out clients penetration tests. Our penetration testers have the necessary technical skill set, qualifications and industry experience. They have the strong technical knowledge and proven track record needed to enable a successful penetration test. Our testers can carry out safe exploitation of applications and systems, advising on the appropriate mitigation measures required to ensure that your systems are secure.

Our CREST-certified penetration testing team will provide you with clarity, technical expertise and peace of mind. Our experienced testers will have reviewed your scoped environment, tested it to the fullest during the time permitted and will provide you with a detailed report.

We perform a high number of Azure-based penetration tests. All of our penetration tests comply with the Microsoft Rules of Engagement. We appropriately limit all penetration tests, ensuring only your assets are touched, avoiding unintended consequences to your customers or your infrastructure.


Contact Us

Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.