PERIMETER TESTS
What the internet can see about you.
Perimeter tests map the external attack surface of your organisation in full: exposed services, VPN appliances, mail relays, DNS, certificates and cloud resources. The goal: no attacker holds more information about you than you do yourself.
01 · ATTACK SURFACE
Inventory before exploitation.
We start with passive reconnaissance via certificate transparency, DNS history, ASN relationships, GitHub leaks and public repositories. Building on that, we run authenticated service fingerprinting and produce a complete inventory of all IPv4 and IPv6 endpoints. In almost every engagement we find assets the customer didn't know about.
02 · APPLIANCES
Fortinet, Citrix, Ivanti, Sophos, Palo Alto.
VPN and edge appliances have been the most important entry point for ransomware crews for years. We check patch levels against current and historical CVEs, look for management interfaces that do not belong on the public internet, validate MFA enforcement and test for the typical misconfigurations in SSL-VPN and web interfaces.
03 · HYGIENE
DNS, mail, certificates, subdomain takeover.
SPF, DKIM, DMARC and BIMI are reviewed. We test for open relays and auth bypass in mail servers, subdomain takeover via dangling CNAMEs in Azure, AWS and GitHub Pages, weak or expired certificates, CAA policies and DNS rebinding risks for internal services. Small findings with significant leverage.
READY
The outside view, done properly.
One perimeter test per year is the minimum. We deliver a clean baseline and continuous attack surface monitoring as an optional follow-up.
