Select Page


Advanced pen testing by CREST certified experts

What is penetration testing? Penetration testing, also referred to as pen testing, is a simulated real-world attack on a network, application, or system that identifies vulnerabilities and weaknesses in cybersecurity. Penetration tests (pen tests) are part of an industry recognised approach to identifying and quantifying risk. They actively attempt to ‘exploit’ vulnerabilities and exposures in a company’s infrastructure, applications, people and processes. Through exploitation, Nettitude is able to provide context around the vulnerability, impact, threat and likelihood of a breach in an information asset.

It is frequently possible for a pen tester to gain remote access to operating systems, application logic and database records. Through active exploitation of direct and interconnected systems, Nettitude can provide strategic tools and guidance on risk and tailored advice on countermeasures for your company.

Benefits of Penetration Testing:

Manage your risk – A penetration test identifies vulnerabilities in your environment and allows you to remediate them before an adversary takes advantage of them.

Protects clients, partners and third parties – it shows your clients that you take cybersecurity seriously, and it builds trust that you’re doing everything you can to mitigate the risks of a cyber breach, giving your company a good reputation.

Allows you to understand the environment –A penetration test allows you to understand what is going on in the environment around you, and it helps you to understand the types of cyber-attacks that your organisation may face.

Identifies weaknesses you didn’t know were there – Penetration testing looks for the potential backdoors into your network that exist without your knowledge.

Basics of Pen Testing

If you’re new to the world of vulnerability assessment and penetration testing (VAPT) and wish to gain a simple understanding of what it is, be sure to check out our learning tools and resources to help get you started.

Nettitude: Award-Winning Penetration Testing Service Provider in Hong Kong

As a leading penetration testing company, Nettitude holds the most coveted accreditations not just in Hong Kong, but also across the world.


  • Nettitude is an active member of the Council of Registered Ethical Security Testers (CREST).
  • Nettitude is a proud member of the UK Government’s National cybersecurity Centre (NCSC) scheme. Our team of testers includes CHECK Team Leaders within infrastructure and web applications and CHECK Team Members.
  • Nettitude is an ISO 27001 certified organisation and conducts all external testing engagements from within a rigorously controlled environment. Nettitude’s security consultants hold CISSP qualifications, and many also host CISA and CISM accreditations. We have conducted thorough background checks on all of our pen testers.
  • Nettitude are also an authorised provider of CBEST and STAR testing services. Additionally, Nettitude’s 24/7 SOC is accredited to provide CREST SOC services.
  • The Nettitude security testing team includes CREST-certified Infrastructure Testers (CCT Inf), CREST-certified Web Application Testers (CCT App), and CREST Registered Testers (CRT).
  • In addition, our team comprises industry-recognised consultants and published authors that have been acknowledged by the media and the cybersecurity community.

Frequently Asked Questions About Penetration Tests

What are the different types of penetration tests available?

There are both internal and external penetration tests. Their utilisation is largely dependent on whether the tester plans to access the physical environment of the internet-facing environment.

Penetration tests can either be traditionally operated within an organisation or externally from the internet. The appropriate vantage point for the testing should be determined by an organisation’s focus on risk. Do note that the two places for testing aren’t mutually exclusive. Organisations with a strong focus on risk management will most frequently conduct testing from both an internal and external perspective.

Internal Penetration Testing

Internal penetration testing assesses security through the eyes of an internal user, a temporary worker, or an individual that has physical access to the organisation’s buildings.

Internal penetration tests are conducted from within an organisation, over its Local Area Network (LAN) or through WIFI networks. The tests will observe whether it’s possible to gain access to privileged company information from systems that are inside the corporate firewalls.

Testers with no credentials will assess the environment and determine whether a user with physical access to the environment can extract credentials and even escalate their privileges to that of an administrator or a superuser.

During an internal penetration test, the tester will attempt to gain access to sensitive data, including PII, PCI card data, R&D material, and financial information. They will also assess whether it’s possible to extract data from the corporate environment and bypass any DLP or logging devices to look into the countermeasures or controls that have been put in place.

External Pen Testing

External penetration testing assesses an organisation’s infrastructure from outside of the perimeter firewall on the internet. It assesses the environment from the vantage point of an internet hacker, a competitor, or a supplier with limited information about the internet-facing environment.

An external pen testing plan will assess the security controls configured on the access routers, firewalls, Intrusion Detection Systems (IDS) and Web Application Firewalls (WAF) that protect the perimeter.

External tests will also provide the ability to assess security controls for applications that are published through the internet. Nettitude recognises that there is increasing logic being built into website services to deliver extranet, e-commerce, and supply chain management functions to internet users. As a consequence, Nettitude pays particular attention to these resources. We also perform granular assessments on their build and configuration, as well as interaction with other data sources that sit in your protected network segments.


What are the different types of penetration testing strategies available?


Let Nettitude guide you through the differences between black, white, and grey box penetration testing services.

What is Black Box Penetration Testing?

  • In a black box test, the client doesn’t provide Nettitude with information about their website infrastructure other than a URL or IP, or in some cases, just the company name.
  •  Nettitude is tasked with assessing the environment as if they’re an external attacker with no information about the infrastructure or the application logic tested.
  • Black box penetration tests provide a simulation exercise that models how an attacker without any information, such as an internet hacker, organised crime organisation, or a nation-state sponsored attacker, could present a risk to the environment.

What is Grey Box Penetration Testing?

  • A grey box test is a blend of black box and white box testing techniques.
  • In grey box testing, clients provide Nettitude with snippets of information to help with the testing procedures. This results in added breadth and depth, along with wider testing coverage than black box testing. Grey box penetration testing provides an ideal approach for customers who want to have a cost-effective assessment of their security posture.

What is White Box Penetration Testing?

  • In a white box test, Nettitude is provided with detailed information about the applications and infrastructure.
  • It’s common to provide access to architecture documents and application source code.
  • It’s also usual for Nettitude to be given access to a range of different credentials within the environment.
  • This strategy will deliver stronger assurance of the application and infrastructure logic. It’ll provide a simulation of how an attacker with information (employee, etc.) could present a risk to the environment.

What does the penetration testing process entail?

Nettitude has a robust testing methodology that extends across infrastructure and application testing engagements. Although every penetration test is tailored to our clients’ individual needs, we follow the same proven methodology to maintain a consistent and reproducible set of results.

  • Phase 1: Scoping
  • Phase 2: Reconnaissance and Enumeration
  • Phase 3: Mapping and Service Identification
  • Phase 4: Vulnerability Analysis
  • Phase 5: Service Exploitation
  • Phase 6: Pivoting
  • Phase 7: Reporting and Debrief

Penetration Testing Reports & Deliverables

Testing Report & Documentation

  • You will receive a high-level management report and an in-depth technical review document for each engagement.
  • These documents will highlight security vulnerabilities and identify areas for exploitation.
  • In addition, they will provide guidance on remediation, with a focus on preventative countermeasures.

To gain access to a management and technical sample report related to your industry vertical, please contact us.

Test Debrief

Nettitude ensures that all tests have a full debrief at the end of the engagement.

If required, Nettitude can deliver this debrief in a face-to-face manner. During this process, we will provide a presentation of critical and high-level vulnerabilities, along with guidance on remediation and countermeasures.

When a face-to-face meeting isn’t required, Nettitude conducts debriefs through video conference and WebEX. Through this approach, we’re still able to share a comprehensive presentation of vulnerabilities and areas identified as being high-risk. We’re also able to give you live demonstrations of where exploitation is possible, together with guidance on how to secure the environment moving forward.

Post Test Guidance

  • You will be provided with three months of complimentary access to our Security Support Desk.
  • This provides a level of assurance through the remediation phase, ensuring that you can get all your vulnerabilities fixed in a time sensitive manner.

Frequently Asked Questions about Data Privacy Security

What is an incident response policy?

An Incident response plan or policy is a process you create before you experience a cyberattack. This is so that your team has a procedure to follow when you do experience a data breach. Nettitude follows the CREST Cybersecurity Incident Response process which is broken down into 3 phases: preparation, response, and follow up. Having a breach plan gives you the confidence to quickly nullify any threat to your data privacy security.

Why is data privacy security important?

Although it has always been important, the implications and need for higher security are coming into play now that technology is indispensable to everyday life. Using apps, browsing websites, and shopping online are all examples of how your data will be stored and managed online. For organisations today, the threat of cyber theft is a pertinent one. Having comprehensive data privacy plans in place can reduce and mitigate the risks of such events.

Does Nettitude practice sustainability?

As a company with a global footprint, sustainability is an area of importance to us. We are a registered ‘Investor in People’ organisation. Taking a cue from ISO 14001, we have strong sustainability practices put in place. Our organisation also hires fairly and equally, across gender and race. By working with us, you can rest assured that we implement data privacy security measures with ethics at the core of our mission.

Get in touch via the form below and get a free quote from us for our Red Team Security Testing services.

Get a free quote

speak to our experts