Penetration Testing

What to Expect During Your Upcoming External Penetration Test


Customers often have questions about their upcoming external network penetration test. Many times our analysts are asked: What systems will be affected? Will this disrupt my business? What information do you need? This blog article aims to answer those questions and alleviate any potential client concerns.

Before the Pentest

Prior to starting an external penetration test, SecurIT360 analysts perform several checks with customers. First, we will confirm customer access to the SecurIT360 share file platform. This platform is used to communicate findings and share sensitive data securely. All information sent over this platform is only accessible by SecurIT360 staff and the client representative. Repeat clients should be familiar with this platform and will likely be asked to confirm their access, while new clients will have an account created for them.

Another step that typically occurs during the week before an external penetration test is confirmation of the client’s public IP ranges and cloud resources. This ensures that our analysts target the correct assets. The customer can provide the IP ranges listed in CIDR notation or with their corresponding subnet masks.
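The scope confirmation described above can be checked mechanically before testing starts. The following is an added example, not SecurIT360 tooling: it reads IPv4 entries in either CIDR or address-plus-mask form, rejects ranges that are not publicly routable or that have host bits set, and merges what remains. The function name, the non-public list and the sample entries (RFC 5737 documentation ranges standing in for a client's public space) are assumptions.

```python
import ipaddress

# Ranges that cannot be valid targets of an external test (assumed list).
NON_PUBLIC = [ipaddress.IPv4Network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",  # CGNAT, loopback, link-local
)]

# Constructed sample of what a client might send back.
SAMPLE_ENTRIES = [
    "203.0.113.0/25",                  # CIDR notation
    "203.0.113.128 255.255.255.128",   # address + subnet mask
    "198.51.100.17",                   # single host
    "192.168.10.0/24",                 # internal range sent by mistake
    "198.51.100.42/29",                # host bits set: likely a typo
    "203.0.113.0/33",                  # invalid prefix length
]

def normalize_scope(entries):
    """Return (in_scope_networks, problems) for IPv4 scope entries."""
    accepted, problems = [], []
    for raw in entries:
        text = "/".join(raw.split())   # "addr mask" -> "addr/mask"
        try:
            net = ipaddress.IPv4Network(text, strict=True)
        except ValueError:
            try:
                net = ipaddress.IPv4Network(text, strict=False)
            except ValueError as exc:
                problems.append(f"{raw}: cannot parse ({exc})")
                continue
            # Do not silently widen the target; send it back for confirmation.
            problems.append(f"{raw}: host bits set, confirm {net} is intended")
            continue
        if any(net.overlaps(n) for n in NON_PUBLIC):
            problems.append(f"{raw}: not publicly routable")
            continue
        accepted.append(net)
    # Merge adjacent and duplicate ranges into the smallest equivalent list.
    return list(ipaddress.collapse_addresses(accepted)), problems

if __name__ == "__main__":
    scope, problems = normalize_scope(SAMPLE_ENTRIES)
    print("in scope:", [str(n) for n in scope])
    print("to confirm with client:", *problems, sep="\n  ")
```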

During the Pentest

On each day of the penetration test, an analyst will reach out to the client representative in an email that details the work to be done that day. The typical process for an external penetration test at SecurIT360 occurs in three steps: recon, attacking, and reporting. During the recon and attacking phases, the analyst will remind you to contact them if you receive any alerts from your Security Operations Center (SOC) or Managed Security Services Provider (MSSP). This gauges their responsiveness to the attempts made by the analyst to access your network or systems.

It’s important to understand that we do not perform any attacks designed to harm your systems. In fact, we take every precaution to avoid negatively impacting any services or systems in scope. Password sprays are done in intervals and are designed not to lock accounts. On occasion, password policies or an incorrect login attempt by an employee may result in a locked account. If your organization has a password policy that locks user accounts after a predetermined number of incorrect attempts within a certain time frame, it is important to communicate this to the SecurIT360 team. At any time, the client may email the analyst to pause or stop the attacking process.
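Because sprays of this kind are paced to stay under per-account lockout thresholds, a SOC or MSSP that alerts only on repeated failures for one account will miss them. The following added example (not SecurIT360 tooling) shows the complementary check: counting distinct accounts that fail from a single source within a time window. The event format, thresholds and sample events are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed failed-login events: (timestamp, source IP, username).
EVENTS = [
    ("2024-05-06T09:00:00", "203.0.113.50", "alice"),
    ("2024-05-06T09:05:00", "198.51.100.7", "erin"),   # employee mistyping
    ("2024-05-06T09:06:00", "198.51.100.7", "erin"),
    ("2024-05-06T09:07:00", "198.51.100.7", "erin"),
    ("2024-05-06T09:10:00", "203.0.113.50", "bob"),
    ("2024-05-06T09:20:00", "203.0.113.50", "carol"),
    ("2024-05-06T09:30:00", "203.0.113.50", "dave"),
]

def detect_spray(events, window=timedelta(hours=1), min_accounts=4):
    """Map source IP -> targeted users, for sources whose failed logins hit
    at least min_accounts distinct users inside one sliding window."""
    by_source = defaultdict(list)
    for ts, src, user in events:
        by_source[src].append((datetime.fromisoformat(ts), user))

    alerts = {}
    for src, rows in by_source.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Shrink the window from the left until it spans <= `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            users = {user for _, user in rows[start:end + 1]}
            if len(users) >= min_accounts:
                alerts[src] = sorted(users)
                break
    return alerts

if __name__ == "__main__":
    for src, users in detect_spray(EVENTS).items():
        print(f"possible password spray from {src}: {', '.join(users)}")
```

In the sample, no account sees more than one failure from the spraying source, so a per-account lockout counter never trips, while the repeated mistypes for a single user are correctly left alone.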

A common concern from customers is that an external penetration test may throttle internet bandwidth or disrupt payment systems. This is simply not the case with our external process. The external attack process at SecurIT360 is specifically designed to not interfere with daily operations or cause a Denial of Service. If an analyst is able to pivot into the internal environment, the analyst will stop, and the customer is alerted. Likewise, if a critical vulnerability is discovered during the testing process, the client is alerted immediately to correct the vulnerability.

Reporting & Follow up

Depending on the scope of the network and the number of findings, the analyst will typically issue a draft report the week following a penetration test. We then ask the client to review the report and communicate any questions or concerns back to the analyst. When all the client’s concerns have been addressed, a final report is issued.

Often, clients will seek help remediating issues discovered during testing. Following a penetration test, our team will work with yours to understand and mitigate vulnerabilities. We will also issue an attestation form that states the work that SecurIT360 performed without detailing the vulnerabilities found on your network. These attestation forms are often required for compliance.


The goal of an external penetration test is to identify gaps in your external network, demonstrate the risk they present, and help inform you how to best close those gaps. Our mission as the Offensive Security Team at SecurIT360 is to find the holes before the bad actors do and help you secure your network. If you have any further questions about our external penetration testing process, please reach out to our team, and we would be happy to answer.

General Cyber and IT Security

Cybersecurity Tips For International Travel

International travel presents unique challenges to securing devices and information. This is particularly true when traveling to destinations that are considered high cyber risk countries, such as China or Russia.

Here are some precautions to take when traveling to these countries that will improve the security of your devices and data.  

Before you travel, you should first consider your company policies and procedures. Your device may have Mobile Device Management which can allow for a remote wipe of data if your device is lost or stolen. It may also specify an application whitelist or limit the device’s use when traveling.

Your company may also have a regularly scheduled backup for data and files to a secure server. If they do not, ensure that you back up all your device information before traveling internationally.

Another important consideration is to update your anti-malware and anti-virus before leaving the country. This guarantees that your device can defend against the most recent exploits. 

Finally, make sure your hard drives and data storage devices are encrypted, and be sure to verify the local laws of the country that you are visiting. Some countries, like China, do not allow encrypted devices and your device may be seized.  

When traveling internationally, it is imperative that you always maintain physical control of your devices. Thieves often target foreigners for their devices and may extract sensitive data or personal information.

Another important reminder is to never connect a device to an insecure or untrusted connection. A simple act like plugging your phone into an unknown USB charger or outlet may install malware or extract data.

Avoid connecting to public Wi-Fi networks and turn off automatic connections for Wi-Fi and Bluetooth. 

When using your device in a foreign country, establish a secured Virtual Private Network (VPN) connection to a server in the United States. A VPN creates an encrypted tunnel to transfer your information and data. Still, you should assume any communications made in high cyber risk countries may be monitored.

After returning home from your international travel, it is critical to not introduce any devices back into your home or work network. Doing this may introduce malware into the network. Instead, immediately format and update your devices along with your anti-virus and anti-malware programs.

It is also good practice to change the passwords of any devices that were brought with you during your travel. If any of your credentials were compromised while traveling, changing your password when you return may prevent escalation of any cyber threats.

Finally, monitor your financial accounts when returning to ensure that no credit card or account information was compromised.