A penetration test is a simulated attack from the perspective of a bad actor, such as a malicious hacker. The objective is to simulate a cyber security attack and attempt to uncover security vulnerabilities that might otherwise be discovered by hackers. In doing so, you would gain valuable insight into the security posture of the in-scope assets and be able to fix them before hackers are able cause serious damage by exploiting them.
The overall time depends on the size and complexity of the assets. This includes physical locations, staff, infrastructure, etc.. That said, most tests take anywhere from two weeks to six weeks, start to finish.
We get this question a lot and it’s not easy to answer until some level of scoping has been performed. Our scoping process is quick, online and painless. But overall, the number of locations and the objective will ultimately determine its cost. For example, when determining the work effort, we take the following into account: applications, networks, number of staff, number of target locations, goals, travel from locations, timeframe, etc.