Internal Network Penetration Testing

Let’s face it, the traditional “internet perimeter” is a thing of the past. Today, organizations host workloads in on-premise data centers, cloud service providers, SaaS solutions and more. This hybrid internal network makes adopting an “assumed breach” mindset more important than ever. Abricto Security conducts internal network penetration testing to measure the blast radius in the event a threat actor finds themselves in your internal network.

Abricto Security’s consultants leverage cutting-edge tools, tactics and procedures to assess the resilience of your internal network against modern day threats. We meet with you and your team to understand your organization’s unique risk appetite. Then, we tailor our approach when conducting our assessment to emulate risk scenarios and validate defensive controls. While testing your network, our consultants publish findings in the Abricto Client Portal, giving you real-time visibility to the vulnerabilities uncovered.

• IPv6 exploit vectors
• LLMNR and NBTS poisoning
• ARP poisoning
• NetNTLMv2 relay attacks
• Kerberos exploitation
• Unpatched service-specific exploits
• Living off the land
• Password strength
• Privileged identity management
• Server hardening
• Security operations center visibility

• Comprehensive security findings report detailing systems targeted, vulnerabilities identified, exploit walk-throughs and remediation guidance
• Executive debrief to quantify business risk
• Technical debrief to discuss exploit scenarios, remediation recommendations and next steps
• Testing artifacts to replicate findings and test efficacy of remediations