The Advanced Lab
Internal Penetration Testing
Internal penetration testing is completed on the private network space. It is conducted in the scenario that a live attacker has gained access through the external security posture. Testing can be completed in one of three ways:
- VPN access is granted to the penetration testing team for the portion of the internal network to be tested.
- 360 Advanced's Penetration Testing team can ship out a device Internal Testing Device (ITD) that is then attached to the internal network. The device, once online, will call back to the penetration testing team over a secure VPN connection to allow access to conduct the testing.
- In cases where a VPN is not available and the infrastructure is not accessible to hook a device to, the Red Team can supply a virtual instance of the ITD that can be plugged into the network and then removed once testing is completed.
There is a catastrophic risk tied to bad actors gaining Domain Administrator access. While conducting your Internal Network Penetrating Testing, the 360 Advanced team works tirelessly to identify weak points within your network, its topology, and its policies related to potential routes that could lead to Domain Administrator access.