Black Box Penetration Testing

Unlike White Box Penetration testing, Black Box Penetration testing is done with no knowledge of the internal systems of organisation.

A 1950s cyber consultant

While this does make the ‘starting point’ the same as a potential hacker trying to exploit the same network, it also dramatically increases the time required in terms of effort and also the time period over which the project will run.

Given this, a Black Box penetration test is typically only recommended for companies with a significant security requirement and a budget to match.

Upon completion of a black box penetration test, in the unlikely event the perimeter was not breached, it is still recommended that a white box penetration test is carried out because perimeter breach will always be a significant risk in the future.

  • Zero Knowledge Start Point

    The attack will begin with zero knowledge or assumptions, requiring significant intelligence gathering and reconnaissance.

  • Multi Facet

    As with white box penetration testing, multiple techniques will be used to gather intelligence and attempt to breach the network, including social engineering and black bag techniques.