English | Français
Search
Main
Ethical Hacking
Automated AssessmentVulnerability Scanning
Penetration TestingPenetration TestsInternal Penetration TestingExternal Penetration TestingHybrid Penetration Testing
Expert Services
Security EvaluationSecurity AuditSource Code Review
Cyber-Crime ResponseDigital Forensics Incident Recovery Trademark Protection
Security AwarenessSecurity ConsultingTraining and CoursesVulnerability Monitoring
Resources
Security ResearchAdvisories
Media CenterRSSTwitterCorporate NewsMedia Publications
LiteratureCase StudiesSecurity Glossary Corporate Presentation
Company
ContactsCareersContact UsRequest Call-back
GeneralOverviewCertifications
ManagementManagement Team
High-Tech Bridge > Ethical Hacking > Penetration Testing > Internal Penetration Testing

Internal Penetration Testing

Internal Penetration Test is focused on the threats and risks that come from inside of a company, or that aim internal system or employee.

The most demanded modules of Internal Penetration Test include the following:

Client-Side Applications Attack


Client–Side applications attacks combined with social engineering are very efficient and complex to detect. The module verifies resistance of the application layer (e-mail clients, browsers, office and PDF programs) within local user-machines to a large number of application attacks.


Trojan Horse Attack


Trojan horse remains one of the most used and successful attacks today. Attacker keeps full control over compromised machine, stays invisible and can do whatever he wants inside of the system. This module of internal penetration test will check your firewall and IDS/IPS capabilities to identify and block Trojan horses and backdoors, as well as local security of user-machines.


Malicious Employee Attack


This module simulates behavior of a malicious employee who has a privileged access to a number of local IT resources, or who is trying to escalate his privileges and access rights. Log-management systems, behavior-based IDS and IPS will be carefully tested, as well as user rights segregation and access-level control.


Social Engineering and Phishing


Naïve or deceived employee can cause serious damage to your information system, by opening doors and granting unauthorized access to malicious persons. High-Tech Bridge experts will test psychological skills, respect of corporate security policy and procedures during the Social Engineering module of internal penetration test.


Malicious or Unauthorized Content


Malicious or unauthorized content module tests if content filters of your information systems (email, web and others) are correctly blocking all the malicious or unauthorized content in conformity with corporate security policy and security best-practices.



High-Tech Bridge Corporate Presentation

Security Glossary

Ethical Hacking ISO 27001 CISO/CSO OWASP OSSTMM CERT MELANI CEH IMPACT PCI DSS Security Policy COBIT
Ethical Hacking Penetration Testing Security Audit Digital Forensics Internal Penetration Test External Penetration Test Vulnerability Scanning Vulnerability Monitoring Advisories
2007-2010 © High-Tech Bridge SA™, Switzerland
Contacts Legal Disclaimer Privacy Policy
Print VersionPrint Version