External Network Penetration Testing
In this activity, Meristem assumes the role of a generic Internet user who has selected your organization as a target for attack. This user has no credentials, but will use open source intelligence, network scanning, and publicly disclosed exploits to attempt to gain unauthorized access to the organization’s infrastructure and sensitive information in order to avoid unintended consequences, a specific set of IP’s and domains will be agreed to prior to the start of the engagement. Meristem will go beyond a simple automated scan, and attempt to exploit potentially vulnerable services, while taking care to avoid actions that are likely to disrupt the production environment.