Select Page


Advanced pen testing by CREST certified experts

What is penetration testing? Penetration testing, also referred to as pen testing, is a simulated real world attack on a network, application, or system that identifies vulnerabilities and weaknesses.

Penetration tests (pen tests) are part of an industry recognised approach to identifying and quantifying risk. They actively attempt to ‘exploit’ vulnerabilities and exposures in a company’s infrastructure, applications, people and processes. Through exploitation, Nettitude is able to provide context around the vulnerability, impact, threat and the likelihood of a breach in an information asset.

It is frequently possible for a pen tester to gain remote access to operating systems, application logic and database records. Through active exploitation of direct and interconnected systems, Nettitude can provide strategic guidance on risk and tailored advice on counter measures.

Benefits of Penetration Testing:

Manage your risk – A penetration test identifies vulnerabilities in your environment and allows you to remediate them, before an adversary takes advantage of them.

Protects clients, partners and third parties – it shows your clients that you take cyber security seriously, and it builds trust and a good reputation, that you’re doing everything you can to mitigate the risks of a cyber breach.

Allows you to understand the environment –A penetration test allows you to understand what is going on in the environment around you, and it helps you to understand the types of cyber attacks that your organisation may face.

Identifies weaknesses you didn’t know were there – Penetration testing looks for the potential backdoors into your network that exist without your knowledge.

Basics of Pen Testing

If you’re new to the world of penetration testing and wish to gain a simple understanding of what it is, be sure to check out our learning resources to help get you started.


What Accreditations Should I Look For In a Penetration Testing Company?

As a leading penetration testing company, Nettitude holds the most coveted accreditations across the world.


  • Nettitude is an active member of the Council of Registered Ethical Security Testers (CREST) and is one of the few global companies that is certified by CREST across all key disciplines. 
  • Nettitude is a proud member of the UK Government’s NCSC scheme. Our team of testers includes CHECK Team Leaders within infrastructure and web applications, as well CHECK Team Members.
  • Nettitude is an ISO27001 certified organisation and conducts all external testing engagements from within a rigorously controlled environment. Nettitude’s security consultants hold CISSP qualifications, and many also host CISA and CISM accreditations. All our pen testers have been fully background checked.
  • Nettitude is also an accredited supplier of CBEST and an approved provider of STAR testing services. Additionally, Nettitude’s 24/7 SOC is accredited to provide CREST SOC services.
  • Nettitude’s security testing team includes CREST certified Infrastructure Testers (CCT Inf), CREST certified Web Application Testers (CCT App) and CREST Registered Testers (CRT).
  • The Nettitude team is comprised of industry recognised consultants and published authors that have been recognised by the media and the cybersecurity community.

What Are The Different Types Of Penetration Tests?

There are both internal and external penetration tests, dependant on whether the tester is accessing the physical environment of the internet facing environment.

Penetration tests can traditionally be run internally within an organisation or externally from the internet. The appropriate vantage point for the testing should be determined by an organisation’s focus on risk. In addition, the two places for testing are not mutually exclusive. Organisations with a strong focus on risk management will most frequently conduct testing from both an internal and external perspective.

Internal Penetration Testing

This type of testing assesses security through the eyes of an internal user, a temporary worker, or an individual that has physical access to the organisation’s buildings.

Internal penetration tests are conducted from within an organisation, over its Local Area Network (LAN) or through WIFI networks. The tests will observe whether it is possible to gain access to privileged company information from systems that are inside the corporate firewalls.

Testers will assess the environment without credentials, and determine whether a user with physical access to the environment could extract credentials and then escalate privileges to that of an administrator or super user within the environment.

During an internal penetration test, the tester will attempt to gain access to sensitive data including PII, PCI card data, R&D material and financial information. They will also assess whether it is possible to extract data from the corporate environment and bypass any DLP or logging devices so as to assess any countermeasures or controls that have been put in place.

External Pen Testing

This type of testing assesses an organisation’s infrastructure from outside of the perimeter firewall on the Internet. It assesses the environment from the vantage point of an internet hacker, a competitor or a supplier with limited information about the internet facing environment.

External pen testing will assess the security controls configured on the access routers, firewalls, Intrusion Detection Systems (IDS) and Web Application Firewalls (WAFS) that protect the perimeter.

External tests will also provide the ability to assess security controls for applications that are published through the internet. Nettitude recognises that there is increasing logic being built into web services to deliver extranet, e-commerce and supply chain management functions to Internet users. As a consequence, Nettitude pays particular attention to these resources, and performs granular assessments on their build and configuration, as well as interaction with other data sources that sit in your protected network segments.

What Are The Different Types Of Penetration Testing Strategies?

Let Nettitude guide you through the differences between black, white and grey box penetration testing services.

What is Black Box Penetration Testing?

  • In a black box test, the client does not provide Nettitude with information about their infrastructure other than a URL or IP, or in some cases, just the company name.
  • Nettitude is tasked with assessing the environment as if they were an external attacker with no information about the infrastructure or application logic that they are testing. Black box penetration tests provide a simulation of how an attacker without any information, such as an internet hacker, organised crime or a nation state sponsored attacker could present risk to the environment.

What is Grey Box Penetration Testing?

  • A grey box test is a blend of black box and white box testing techniques.
  • In grey box testing, clients provide Nettitude with snippets of information to help with the testing procedures. This results in added breadth and depth, along with wider testing coverage than black box testing. Grey box penetration tests provide an ideal approach for customers who want to have a cost-effective assessment of their security posture.

What is White Box Penetration Testing?

  • In a white box test, Nettitude is provided with detailed information about the applications and infrastructure.
  • It is common to provide access to architecture documents and to application source code.
  • It is also usual for Nettitude to be given access to a range of different credentials within the environment.
  • This strategy will deliver stronger assurance of the application and infrastructure logic. It will provide a simulation of how an attacker with information (employee, etc) could present a risk to the environment.

Our Penetration Testing Services


Network Penetration Testing Services

In a network penetration test, your network infrastructure is security tested using a variety of techniques from a number of vantage points, both external and internal. We test a wide range of connected network devices including servers, laptops, storage drives, printers, network appliances, and even your web applications. We look at how those components operate and communicate, who has access to them, and more. From this, we will be able to determine the security posture of those assets, as well as your network as a whole. We will determine where the most important vulnerabilities exist, which ones are most likely to be exploited by threat actors, and what actions should be taken to remediate these risks.

Cloud Penetration Testing Services

As technology progresses, cloud operations are becoming more and more popular. Even though this is a convenient solution, the ever increasing reliance upon cloud systems means the risks and implications can be far greater. Cloud penetration testing assesses the security of your cloud services in all environments – whether it’s Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).

Web Application Penetration Testing Services

Web applications are one of the most common types of software in use today. Due to their complexity and ubiquity, web applications represent a unique challenge to the security posture of any organisation. Modern web applications handle increasingly sensitive data, so it is important to ensure that they do not introduce significant risks to an organisation.

Nettitude has a large team of CREST-certified penetration testers who specialise in web application penetration testing. The Nettitude penetration testing team is diverse and has a wealth of experience in security and software development.

Nettitude are highly capable of penetrating testing web applications, web services, APIs and more, across an extremely large range of technologies.

Mobile Penetration Testing Services

Mobile applications have become an integral part of everyday technology – however apps can increase your organizations attack surface, putting you at risk. During mobile app testing we assess design, data handling, network communication and authentication, amongst other areas. We look at the security of the app in the context of the device it resides on, as well as its communications to your servers and that server infrastructure.

IOT Testing

Many of your connected devices could be at a risk of cyber-attacks , and the risk can increase with the number of devices present, therefore there is an increased need for these devices to be tested and protected. Nettitude works with creators of smart devices to provide assurance around the security posture of their devices. IOT penetration tests provide a valuable way to assess the security levels associated with a given connected device.

Social Engineering Services

Rather than only looking at technology, social engineering tests with people in mind. Engaging your people with phishing emails, malicious phone calls, phishing style text messages, or even tempting them with malicious physical media, all could provide a backdoor into your corporate environment for an attacker to exploit from the outside. Social Engineering tests are designed to help assist organisations increase their security posture and reduce the risk of remote attacks being successful, with emphasis on human vulnerability factors.

Red Teaming

The red team mimics a real world threat actor. We select a relevant type of attacker along with their tactics, techniques and procedures, based on our unique threat intelligence research and capabilities. Realistic scenarios are constructed and followed. This includes physical security testing, social engineering, 3rd party relationships, hacking, malware insertion, pivoting and human manipulation . Each scenario has a specific stated objective, and the associated attack chain is designed to test your organizations ability to prevent, detect and respond to cyber-attacks as they unfold.

Firewall Security Testing Services

A firewall is designed to act as a gate keeper between different networks and has long been an important security staple. Our firewall tests look at a number of relevant elements. In order to provide the most detailed, relevant and bespoke service possible, we will first ensure that we understand how your network is architected by speaking with your people, reviewing relevant documents and understanding relevant processes. Then, we assess the configuration of the firewall itself; for example we will check the firmware version, user access controls, logging, etc. Finally, we’ll review the actual firewall rules that govern what traffic can traverse it.

What Is The Penetration Testing Process?

Nettitude has a robust testing methodology that extends across infrastructure and application testing engagements. Although every penetration test is tailored to our clients’ individual needs, we follow the same proven methodology so as to maintain a consistent and reproducible set of results.
  • Phase 1: Scoping
  • Phase 2: Reconnaissance and Enumeration
  • Phase 3: Mapping and Service Identification
  • Phase 4: Vulnerability Analysis
  • Phase 5: Service Exploitation
  • Phase 6: Pivoting
  • Phase 7: Reporting and Debrief

Penetration Testing Reports & Deliverables

Testing Report & Documentation

  • You will receive a high-level management report and an in-depth technical review document for each engagement.
  • These documents will highlight security vulnerabilities and identify areas for exploitation.
  • In addition, they will provide guidance on remediation, with a focus on preventative countermeasures.

To gain access to a sample management and technical report related to your industry vertical, please email us.

Test Debrief

Nettitude ensures that all tests have a full debrief at the end of the engagement.

If required, Nettitude can deliver this debrief in a face to face manner. During this process we will provide a presentation of critical and high level vulnerabilities along with guidance on remediation and countermeasures.

When a face to face debrief is not required, Nettitude conducts debriefs through video conference and WebEX. Through this approach we are still able to share a comprehensive presentation of vulnerabilities and areas identified as being high risk. We are also able to give you live demonstrations of where exploitation was possible, together with guidance on how to secure the environment moving forward.

Post Test Guidance

  • You will be provided with three months of complimentary access to our Security Support Desk.
  • This provides a level of assurance through the remediation phase, ensuring that you can get all your vulnerabilities fixed in a time sensitive manner.

Request A Free Quote

speak to our experts