External Network Penetration Testing and Vulnerability Assessment

Identifying Gaps to Improve Your Cyber Defenses

Tyler Cybersecurity’s External Vulnerability Assessment and Penetration Test identifies the key strengths and weaknesses of your current environment, allowing you to see how it would handle various types of cyber-attacks. Once we’ve assessed your system for vulnerabilities, we conduct simulated attacks where we behave like the world’s most sophisticated cyber-intruder to determine how those vulnerabilities could be exploited. Using the results, we develop a remediation strategy that will help you mitigate the risk of falling victim to legitimate cyber intruders.

Service Benefits

The external network perimeter delivers public-facing network services that could provide a point of entry to unauthorized attackers through the successful exploitation of identified vulnerabilities. Performing assessments against the external network perimeter can help an organization:

  • Confirm publicly available networks / systems and the applications running on those systems;
  • Fulfill requirements of applicable regulations and / or compliance standards;
  • Validate / assess the effectiveness of existing security controls;
  • Identify / assess the impact of network weaknesses before a malicious attacker does;
  • Assess the adequacy of intrusion detection and response systems; and
  • Gain actionable recommendations designed to mitigate discovered vulnerabilities.

The Tyler Cybersecurity Methodology

Our external vulnerability assessment and penetration testing methodology is continuously engineered to meet evolving best practices and is informed by several standardized approaches.

Each engagement is customized to meet unique goals and objectives, therefore the specific elements of our methodology that are leveraged is contingent upon the level of testing and defined scope. The following is an accounting of the potential testing phases and their respective individual elements:

footprint-analysis-and-reconnaissanceFootprint Analysis / Reconnaissance

This step involves searching various publicly available sources for detailed company-specific information. This allows us to identify target systems and provides information that may prove useful in an attack.

system-service-and-vulnerability-identificationSystem, Service, and Vulnerability Identification

Here we take a more focused look at the devices, servers, and Internet-facing applications. We use a variety of specialized security tools to identify the architecture and vulnerabilities. The goal is to identify systems / devices that respond to authorized and unauthorized requests, the services / applications that those systems are providing, and inherent and/or potential vulnerabilities.


This is the attempt to gain unauthorized access to systems and / or information utilizing the vulnerabilities identified in the previous phase. This task is customized based upon the findings of the engagement. Tyler Cybersecurity’s approach is to exploit the perimeter vulnerability and gain access to systems / information; once access is obtained, Tyler Cybersecurity will report the finding to the client so the method of access can be remediated promptly. If requested by the client, Tyler Cybersecurity can attempt to pivot the attacks towards internal machines; however our general approach is to report the finding and move on in an attempt to find additional external vulnerabilities.


In this final phase of the engagement. Tyler Cybersecurity will generate an executive summary and a technical report that explains the findings, includes visuals/screenshots, provides customized remediation recommendations, and, if available, includes details on repeating the attack scenario. This report is generally delivered via a WebEx report delivery.

Tyler Cybersecurity’s cybersecurity professionals bring highly-skilled expertise to each unique engagement through specialized training in security testing disciplines. Continuous education is a fundamental element of ensuring quality testing and Tyler Cybersecurity personnel maintain several professional credentials.

Service Options

The scale and scope of each engagement is a function of satisfying business obligations and understanding organizational risk tolerance. Tyler Cybersecurity works in a collaborative fashion to customize the level of engagement that will satisfy unique organizational needs. A mix of options can also be selected depending on the type and frequency of testing desired.

External Vulnerability Assessment

Primarily automated testing using a commercial network vulnerability scanner; excludes manual penetration testing. An external vulnerability assessment is ideal for periodic testing between penetration testing engagements and as a quick verification / sanity check when changes are made to the organization’s perimeter.

Baseline External Vulnerability Assessment & Penetration Test

Building on the external vulnerability assessment, Tyler Cybersecurity will attempt to verify / exploit the vulnerabilities identified. In addition, Tyler Cybersecurity will perform testing for default credentials on any common systems / software found as default passwords are a common and easily exploited attack. Ideal for budget-conscious organizations with developing cybersecurity programs that would like to get a basic understanding of their external security posture.

Comprehensive External Vulnerability Assessment & Penetration Test

Building on what is offered at the baseline level, this test includes manual attack techniques, open source intelligence gathering, target environment specific research, and unauthenticated web application testing against commonly used applications. This option is best suited for compliance-driven organizations and high-value targets (i.e. Financial Institutions, Healthcare Organizations).

In recent years, 80% of all high vulnerabilities and 46% of all vulnerabilities that Tyler Cybersecurity reported in penetration tests were found due to the manual techniques that are incorporated into this level of penetration testing.

Custom Web Application Penetration Test

This type of testing is necessary for any website / web application that is custom developed for the organization and recommended for any website / web application that uses sensitive information. As it requires a significant manual effort for the most effective results, custom scoping / pricing is required for most engagements.

Depending on the size, scope, complexity, and sensitivity of the web application, a minimum number of days will be recommended. Testing can be conducted from an authenticated or unauthenticated user perspective and performed from various user roles with unique privileges (end user, manager, administrator, etc.).

Mobile Application Testing

Mobile application testing is a thorough review of a mobile application installed on a mobile device. Via automated tools and manual testing, Tyler Cybersecurity reviews the mobile application for insecure configuration settings and insecure data storage. In addition, Tyler Cybersecurity uses the application as a normal user, and proxies the traffic through an intermediary system to analyze the network traffic for insecure data transmission.

Part of a mobile application review is testing the HTTP requests made by the application using the Web Application Testing Methodology described above. Tyler Cybersecurity’s mobile application testing methodology is designed to review the mobile application for the top mobile application risks.

Reports and Recommendations

Once we have completed the External Network Vulnerability Assessment and Penetration Test, we will provide you with:

  • An executive report in PDF summarizing our findings.
  • A corresponding interactive HTML report detailing vulnerabilities by severity for each device.
  • An action plan in MS Word with customized remediation recommendations, assignments, and activities.


Contact us today for a demonstration!



The Tyler Cybersecurity Lifecycle

Cybersecurity isn’t a destination.

Cybersecurity Lifecycle

There is no single, straight path that will get you to the point where you can say, “We did it! We’re 100% cyber-secure.”

A more realistic destination is cyber resiliency – the ability to prepare for and adapt to changing conditions, so you can withstand and recover rapidly from disruptions. Achieving cyber resilience depends on what we like to call the cybersecurity lifecycle – an ongoing cycle of interconnected elements that compliment and reinforce one another.

Learn More