The Internal Penetration Test aims to assess the ability of an unprivileged user, or an attacker, that gained initial access to Customer’s environment, to operate unhindered throughout the environment. LMNTRIX follows a standard methodology that consists of environmental reconnaissance, privileges escalation, lateral movement, and, in some cases, vulnerability exploitation in order to accomplish the pre-defined objectives. LMNTRIX will attempt to use compromised systems and services to exploit other systems in Customer’s environment in order test the depth of network defenses.
LMNTRIX will then attempt to accomplish the pre-defined objectives by any in-scope means not explicitly stated as off limits or potentially harmful to the environment. These objectives could include, but are not limited to, compromise of the domain, theft of email, or proof of access to sensitive data, such as payroll, intellectual property, Personally Identifiable Information (PII), or Personal Health Information (PHI).
LMNTRIX will make note of any changes made to the environment (such as account creation or modification) and inform Customer. LMNTRIX will use a combination of internally developed tools and scripts in addition to open source and commercial tools.
We help you
Know whether your critical assets are at risk
Identify and mitigate complex security vulnerabilities before an attacker exploits them
Understand how the most sophisticated attackers operate based on intelligence gained from our years performing incident response
Attain realistic findings and comprehensive recommendations
What You will get
High level executive summary report
Technical documentation that allows you to recreate our findings
Fact-based risk analysis to validate results
Tactical recommendations for immediate improvement
Strategic recommendations for long-term improvement
Ready toGet Started?
Our security experts are standing by to help you with an incident or answer questions about our
consulting and managed detection and response services.