External Pentesting Simulates an Internet Cyber Attack

An external network penetration test focuses a realistic breach simulation against your public-facing IPs. These internet connected IPs are always exposed to potential attacks and represent your front door to attackers all over the world. In fact, your external servers are likely experiencing some type of network scan right now.

Obtain step-by-step instructions to close your security gaps before the bad guys take advantage of them.

Contact Us


Many providers perform external network penetration testing, yet few do it right.


Raxis uses the same tools and techniques as real hackers, helping you uncover and remediate hidden risks that have been hiding from you.

The Basics of External Penetration Testing

Our approach is simple. Raxis engineers use the same tools, techniques, and quick-thinking as the malicious hackers to find a way to safely steal a small portion of your data. We start by taking a close look at your outward-facing IPs, internet-facing systems (including ones that are cloud-hosted), and use our hacking skills to try and safely breach your perimeter.

External pentest icon


Your external pentest will need to be scoped to include any internet connected system that handles data important to your organization. If you're looking to meet requirements for an audit such as PCI, we'll need to make sure that any systems specified in the audit are covered in your pentest scope.

Though most customers provide their IP addresses up front, Raxis can also use discovery techniques to find them ourselves — just as a malicious hacker might.

I’ve had an internal network test, do I still need an external network penetration test?

Raxis strongly recommends having both. In fact, PCI requires that you do. That’s because most companies don’t know everything they have exposed externally. We often find that someone rushing to get their job done may focus most on getting things working . . . and not on securing them.

Here are a few examples the Raxis team has found in the course of our work:

  • Telnet and FTP services that require no credentials and allow malicious file uploads.

  • Exposed administrative pages, often requiring only easily discovered default credentials, that allowed Raxis to view and edit high level device settings — and even sensitive customer and system data.

  • Web login pages that revealed which usernames were valid and didn’t block brute-force attacks. This enables malicious actors to use easily accessible technology and test billions of potential password combinations per second. Weak ones can be cracked in an instant.

What about a web app pentest? Is that different?

The web app pentest and the external pentest are two very different tests, even though they may involve the same system.

A web app test is usually credentialed and focuses thoroughly on the application itself, placing less emphasis on other open ports and potential issues on the system. This allows the tester to delve in and focus on the application’s business logic and possible coding gaps versus the system hosting the application.

And external test includes web applications, to be sure, but it does not delve into them (unless the pentester finds a way in through SQL Injection or another critical vulnerability). An external test focuses on discovering any gaps in your external network and exploring what exploits they could lead to.

Separate or combined external network and web application tests are both valid and useful. A combined test can help you work within a budget. Separate tests provide separate reports, which may be helpful if your team reports the findings to different stakeholders.


Typically, Raxis bases charges on the number of IP addresses that are deemed in scope. This only includes systems that you confirm that are online. If we are not provided a definitive list of online systems and need to discover them, such as with a black box pentest, then additional charges may apply. If you have a budget in mind along with the goals of your pentest, we're happy to discuss options on how we can accommodate your needs.

If you're looking for a continuous pentest option, we offer annual, quarterly, and monthly subscriptions to keep a constant eye on your systems. When comparing our pricing, please note that we're a top-tier provider and our charges may not equate to other pentest shops that are effectively selling vulnerability scans.


The actual work duration for external pentests can range from 3 days to several weeks. Keep in mind we can be booked out for several weeks at a time during the busy season, so please schedule your pentest as soon as you can to hold the timeslot. PTaaS on-demand pentest services can be scheduled faster.


The advantage of working with a highly focused penetration testing team is evident in the quality of our deliverables. Ask for a sample report if you'd like to see what we can do. Remember, when we find security gaps, you get to fix them before they are exploited.


Raxis reporting has been considered to be "top-notch" by our customers for many years. You'll find a detailed analysis of your external environment, a play-by-play storyboard that details everything we tried, screenshots of the output provided by our hacker tools, and a clear remediation plan.


External Network Penetration Test Specifications

  • Powered by Raxis One, a secure web interface for all Raxis services
  • Fully capable of working with internet facing cloud providers and content delivery networks such as Amazon AWS, Microsoft Azure, Google Cloud, Cloudflare, Akamai, hybrid cloud, and SaaS solutions
  • Raxis utilizes the same tools and techniques as a blackhat hacker
  • Predictable timeline for the assessment
  • Exploitation, pivoting to other in-scope systems, and data exfiltration in scope
  • Executive debrief conference provided, if desired
  • Optional re-test to validate remediation
  • All Raxis tests are based on the MITRE ATT&CK penetration testing framework
  • Meets or exceeds requirements for NIST 800-53, NIST 800-171/CMMC, PCI, HIPAA, GLBA, ISO 27001, and SOX compliance
  • Available as a one-time service, multi-year agreement, or continuous monitoring/Penetration Testing as a Service
  • Self-managed testing via the Raxis One portal
Contact Us
©2023 Raxis LLC - All rights reserved.