Network pentest

How many systems are in the corporate network? Often it is not known or some have been forgotten. Being sure that no system can be hacked is therefore often not possible.
Sometimes it is as simple as the smart bulbs to your server network, hackers use what they come across. So it’s important to make sure that all devices on your network are secure. A network pentest is an effective tool to find and plug the holes in your network. We find these leaks with our own developed NetCaptain. As experienced hackers, we have bundled our favorite tools into a super scanner. Servers, printers, websites and workstations, everything is thoroughly examined.
But a scan alone is not a pentest. In addition to the results NetCaptain provides, our ethical hackers go to work identifying the risks that can really hurt your business. Want continued visibility into the security of your business network? With a NetCaptain license, you can continue to test the security of your server network every day.

179

Network pentests performed

✓ Three steps to assurance

✓ Seeing what a hacker sees

✓ In-depth investigation with a clear report

✓ Conducted by our ethical hackers

✓ Insight into network and IT infrastructure vulnerabilities

✓ More than 10 years of experience

Network pentest request

How does a network pentest work?

Having CyberAnt perform a network pentest takes three steps.

Step 1: Preparation

For a network pentest, NetCaptain is used as a base. After the official part of the agreement is taken care of, you will be given an installation file to install NetCaptain. When NetCaptain is running in the network then we schedule a session to do the configuration together. NetCaptain itself can find systems on the network, but it’s nice to know where to have NetCaptain look.
NetCaptain can find even more vulnerabilities when login credentials are present, e.g. we can also find who forgot to update their Google Chrome.

Step 2: Hacking and scanning

During configuration, we agree on when NetCaptain will scan. This can be during the day, but also at night or on weekends.
When all the scans have been performed, one of our ethical hackers goes off. NetCaptain detects almost all known vulnerabilities and makes them visible in a dashboard, categorized by threat level. In addition, some vulnerabilities cannot be found automatically, for this our cyber security experts go to work to manually detect everything. The data from the scan results are also interpreted by our experts and a map is made of where the pain points are within the network.

Step 3: Report

When we finish turning the network inside out, we compile all the findings into a summary report. A description of the vulnerabilities is given with an estimate of the risk and impact. In addition, we also advise how best to fix a vulnerability.
Everything is substantiated with the evidence found for completeness. After delivering the report, we schedule a presentation of the report. Here we discuss the results and there is plenty of room to ask questions. This way we make sure that you are able to solve all found vulnerabilities.

Learn more about the network pentest

Want to know if a network pentest suits your specific situation, or want an immediate quote?
Let us know, fill in your information and we will contact you.

What can you expect in a network pentest?

The team that performs the network pentest consists of a cybersecurity expert and an ethical hacker who purposefully look for security risks and then identify them. The network is thoroughly checked for weaknesses and leaks. In addition to the comprehensive scan with NetCaptain, the team is an important addition to ensure that all security risks are identified and addressed.

The report that is delivered during a network pen test is structured in an orderly fashion. First, the management summary indicates how secure the network is, substantiated by the most important findings. The introduction contains all the general information and details of the investigation. In the findings section, all the findings that were made are made transparent by a brief explanation, followed by a table that includes the risk, impact and recommendation. Below are all the details of the evidence of the finding. Then all the recommendations associated with the findings are presented in a clear overview.

What we encounter in a network pentest

A corporate network often grows organically over the years. It makes sense that you don’t know exactly how every device is configured when you have hundreds of systems in your network. Certainly not if your colleagues and suppliers also connect new devices to the network at will or your former colleague forgot to document everything properly.

Every network has its own peculiarities. Wondering what surprises can be found in your network? We would love to help you!

Get in touch

Example 1. Printers

During a network pen test, NetCaptain’s scan revealed that the printers were not password-protected. This made it fairly easy for us to watch live what was being printed and scanned. This could quite easily lead to company-sensitive information or a data breach, which would have quite an impact on the company. So something that is very easy and so arranged but not done can have major consequences just like that.

Example 2. Server on laptop

During a network pen test for a client, one of our cyber security specialists discovered that an employee had a server running on the laptop. This contained a serious leak that allowed us to access the laptop. From the access to the laptop it was also possible to access almost all the other servers of the company. These are one of the most dangerous leaks. We were still performing it from the company network, had this employee been sitting somewhere with the laptop externally in a public environment then an outsider could have easily managed to get that access as well. Fortunately, in this case it was detected in time and thus a possible cyber incident could be prevented.

What does a network pentest cost?

The cost of a network pentest depends on the size of the network. For example, for a company with about 500 targets (IP addresses / systems) the cost will be around 2,500 euros. For companies with more than 500 targets, a custom quote will be made, so this will vary by the size of the network. It is an investment that pays for itself by preventing security problems and protecting your business data, customer data and systems. Do you also want to keep hackers out of your network? Then make an appointment for a free intake interview with one of our cyber security experts.