Objectives of an External Pentest

Overview

The main goal of an external pentest is to test the security of a company from an outside perspective. We don't have to break into the internal network to be successful, we want to evaluate the opportunities and potential vulnerabilities that could lead to an attack.

For example not having MFA on is a big vulnerability, you could have a strong password policy but that doesn't mean someone can't get phished and give the credentials up.

Protecting the client is the biggest priority so any findings that could lead to them being compromised is worth writing about in the report

PreviousBefore Starting NextChecklists

Last updated 11 months ago

Was this helpful?