Skip to content 
The traditional way of working has changed for many companies because of the strict COVID-19 measures. Many people work from home and use facilities that companies offer to make this possible. The employees of NFIR are of course used to working digitally and a lot of work for customers is already carried out remotely. A good example of this are the penetration tests that we perform for our clients. Still, some changes in the execution of some pen tests changed for us, but we were already very well prepared for that.
What's the PentestBox?
As may be known, BlackBox pen tests are always performed remotely without providing our ethical hackers with relevant information such as login details for the (web) applications, websites and IT infrastructures. For GreyBox pen tests we often come on location because we need access to the environment that needs to be tested. Some time ago we started using a new solution for pen testing; the so-called PentestBox. This is a full-fledged computer that fits in the palm of your hand and needs to be placed behind the firewall in your office or data center network. The PentestBox communicates via a VPN connection (encrypted) via your internet connection to the pen testing domain of NFIR, so that the ethical hackers can access your network in a secure way without being physically present. If the internet connection cannot be established (temporarily), we offer a 4G dongle that can be placed in the PentestBox and provides the necessary internet connection.
Until recently we brought the PentestBox to our customers, but because of the corona measures we have the possibility to send it as a parcel by post. In this situation, a network administrator will of course receive instructions to correctly link the PentestBox to the network and activate it. When the pentest is complete, the PentestBox can be disconnected again and is returned registered. The data stored on the PentestBox is fully encrypted. At the moment we are also working hard on the virtual version of the PentestBox which can be installed as a ready-made package in the network of our clients. This as an alternative to the physical PentestBox. This virtual machine is especially useful in case access to the data center is currently difficult to facilitate.
To what extent is your homework facility technically resilient to hackers?
Do you have questions about the operation of this PentestBox or do you want to know to what extent your home working facility is technically resilient to hackers? Please contact us. We will be happy to speak to you and do everything we can to assist your organization in these turbulent times in the field of IT Security!
