Famous detectives throughout history have always been thrown into cases. That’s the nature of their job—the situation to create the case occurred, and it’s up to Sherlock Holmes to follow a trail of clues to determine the solution. When you perform an internal network pen test, the nature of the work is similar, but there are a few things you can do to help these cyber “detectives” maximize your knowledge gained and action items moving forward. Schellman’s Pen Test Team is experienced, and we often get asked to perform this specific type of evaluation. Having gone into these sorts of engagements many times before, we want to share some helpful insight specific to this kind of test.
Whether you’re considering engaging Schellman for a penetration test of some kind or you’ve already signed a contract with us for such, you’d probably agree that transparency benefits everyone.
**Since the publication of this blog, the FedRAMP PMO has, in 2022, updated the FedRAMP Penetration Test Guidance. Schellman breaks down the latest in our article here.)