Internal Network Penetration Testing involves the simulation of an attacker gaining a foothold on the internal network. The goal of this type of assessment is to actively exploit vulnerabilities and move laterally through the environment to show the clear impact of unpatched services and misconfigurations and issues related to authentication.

External Network Penetration Testing is the practice of replicating activities and real-world attacks from the perspective of an outside actor to determine the external perimeter network security posture and factors that threaten the confidentiality, integrity, and availability of the client’s critical infrastructure and data.