Infrastructure Penetration Testing
Identifying security vulnerabilities present on your on-premises and cloud-based endpoints, servers, network devices and networks.
​What is an infrastructure penetration test?
A test focused on interacting with devices and networks to identify security vulnerabilities which could be exploited to harm your organisation.
Reasons for commissioning a penetration test
1
Understanding whether any exploitable security gaps are present in your environment.
2
Meeting regulatory compliance requirements, such as those specified for ISO27001.
3
Meeting customer or client requirements, such as during the onboarding process.
4
Strengthening your competitive position in the market, including during tender process.
How should the testing scope be defined?
The scope can be determined by the commercial motivator for commissioning the penetration test.
Narrow Scope
A narrower scope may be better suited for meeting compliance requirements.
Broad
Scope
A broader scope is more appropriate if you are looking to accurately determine the cyber risk profile of your internal infrastructure.
Our approach to penetration testing
Wilbourne applies a fresh perspective to delivering penetration tests which is underpinned by a collaborative effort to understand the unique characteristics of your environment.
​
Most consultancies deliver traditional infrastructure penetration tests, which often focus on automated vulnerability scans and light-touch manual validation, and offer limited value.
​
Wilbourne invests additional time to truly understand your network architecture, key devices and instrumental IT migrations. This translates to an amplified experience where the technical testing and remediation advice is enriched with deep insights into your organisation - this effort will transform the test and raise the value you receive.
Pre-Engagement Interviews
Our infrastructure penetration testing leads will speak with your IT lead and network architects, including requesting technical documentation, to familiarise ourselves with your environment.
Mid-Engagement Check-in
Technical delivery, spanning host discovery, vulnerability scanning and penetration testing, will commence. The findings of which will be presented to you and we will ask for your input to further shape the remaining testing direction.
Follow-up Check-in
We will leave time before the engagement concludes to collaborate on vulnerabilities found and agree on any particular devices or areas of the network to focus on. This will allow us to align on how to make best use of the remaining testing time.