External Network Pentests

Review methodologies for External Networks. Includes instances of Microsoft Office 365.

Our pentesters test your assets rigorously.

We use the penetration testing methodologies listed on the page. If you want to know more about each methodology, navigate to the page associated with your asset.

External Networks

The Cobalt team of pentesters can proceed with a minimum of information, such as the IP addresses in question. However, you can include the following details in the scope of your desired pentest:

  • Network diagrams
  • Infrastructure diagrams
  • Accounts (even temporary accounts for pentests)
  • User information

When you set up a pentest for an external network asset in the UI, you’ll see the following in the Objectives text box:

Coverage of OSSTMM and SANS top 20 security controls.

Learn more about these objectives:

Methodology Details

We follow an industry standard methodology primarily based on the OSSTMM standard for penetration testing. Our team takes the following steps to ensure full coverage:

Select the key for more information on each step.

Target scope reconnaissance
Service discovery
Vulnerability scans
Manual assessment. Includes DNS, routers, firewalls, web, email, and more

External network pentest flow

Additional Requirements

You’re welcome to define additional test objectives. If you follow best practices other than OWASP, ASVS, or OSSTMM, let us know. Include a link or other documentation. If it’s a “well-known” security practice, our pentesters probably already know them!

If you have special instructions for a pentest, add them later, under Special Instructions.

Was this page helpful?

Yes No Create an Issue

Last modified May.05.2023