Optimum Web
Multi-Framework · ISO 27001 · SOC 2 · CR-CROSS-08

Penetration Test — Internal Network & Active Directory

Assumed-breach internal pentest. Active Directory attack path mapping, lateral movement, privilege escalation. CREST/OSCP tester. Retest included. €729. 10 days.

Penetration Test — Internal Network & Active Directory by Optimum Web is a fixed-price compliance service covering NIS2 Art. 21 + ISO 27001 A.8.8 + A.8.20 + SOC 2 vulnerability management. It costs €729 with 10 business days delivery by senior security engineers. Domain admin attack path map with step-by-step exploitation chains. 14-day warranty included.

Covers: NIS2 Art. 21 + ISO 27001 A.8.8 + A.8.20 + SOC 2 vulnerability management

€729. Fixed price, VAT excluded. 10 business days. Senior only.

  • Domain admin attack path map with step-by-step exploitation chains
  • Active Directory hardening recommendations (misconfigs, weak GPOs, RBAC gaps)
  • Identity and access misconfiguration report
  • One free retest of critical and high findings within 30 days
14-Day Money-Back Guarantee
Issue recurs? We fix it free or refund in full. No questions asked.

This Service Covers

  • NIS2: Article 21 — Cybersecurity risk-management measures
  • ISO 27001: A.8.8 — Technical vulnerabilities; A.8.20 — Network security
  • SOC 2: CC7.1 — Vulnerability and threat management

What You Get

Assumed-breach internal penetration test simulating a compromised employee workstation. We map attack paths: privilege escalation in Active Directory, lateral movement across hosts, access to crown-jewel systems, exfiltration scenarios. Deliverables: domain admin path map, AD hardening recommendations, GPO and identity misconfigurations list, retest of critical findings.

Who Needs This

  • Organisations with Windows AD / Entra ID environments serving EU clients
  • Companies that have never tested the inside of their network
  • NIS2 essential entities; ISO 27001 certified companies between audits
  • Businesses with hybrid work where attack surface has expanded
  • Teams that experienced an incident and need post-remediation validation

ONGOING COMPLIANCE

Don't Want to Think About Compliance Every Quarter?

Compliance-as-a-Service: €729/month. We handle reviews, scans, documentation, security questionnaires. Your outsourced compliance officer.

CLIENT REVIEWS

What Our Clients Say

4.8 / 5 · 172 clients · 25+ years

"Senior engineers who actually deliver what they promise. Fixed price, fixed timeline, thorough documentation. Rare combination."

Thomas K., IT Manager · Manufacturing company · Austria

"Worked with 4 agencies before finding Optimum Web. First team that delivered exactly what the scope said, on time."

Sophie V., Operations Manager · Logistics company · Belgium

"The 14-day warranty is real. Had a small follow-up question and it was handled same day, no extra charge."

Mikael B., CTO · B2B SaaS · Germany

Frequently Asked Questions

What does 'assumed breach' mean?
We start from a position an attacker would reach after phishing or initial compromise — typically an unprivileged user account on a domain-joined laptop.

Is this destructive to production?
No. We avoid denial-of-service and destructive techniques. All actions are logged and reversible.

How is this different from a vulnerability scan?
Scans find known issues. Internal pentest follows actual attack paths through chained misconfigurations and weak permissions — things scanners can't see.

Do you need physical access?
No. We work remotely through a temporary VPN account or jump box you provide.

What if we don't use Active Directory?
We adapt the test to your identity layer — Okta, Google Workspace, JumpCloud, AWS IAM. The methodology is the same.

Will this disrupt operations?
Minimal. We coordinate testing windows. Most clients don't notice until they receive the report.
