Regardless which type of penetration you choose, they all begin with Discovery and Data Collection.
We collect data through various techniques and sources through interviews, social engineering, systems and network reconnaissance, data analysis, information provided by the client such as IP addresses, network diagrams, and application information. We then develop a plan of attack custom to your organization and penetration test type.
Types of Penetration Tests we offer:
External Network: This type of test is what most often comes to mind when discussing a penetration test. It involves identifying specific targets that are accessible from the internet and testing them using various tools and techniques in order to find vulnerabilities.
Internal Network: Similar to External Network, except for the test is executed from inside the business to identify vulnerabilities on the internal network and DMZ.
Web Application: Used to identify security vulnerabilities found in web-based applications. This type of test may be conducted against both internally and externally accessible web applications.
Wireless Network: The goal of this test is to assess the physical environment to identify and leverage unauthorized wireless access points and/or authorized wireless access points with weak security configurations and controls.
Social Engineering: Through a variety of techniques, this involves attempts to trick employees and business associates into revealing sensitive information such system account data or any other sensitive data that might be leveraged to inflict harm to the business.
The steps below provide a general overview of the execution phase of penetration tests we conduct:
- Passively collect data of normal operations to comprehend the target
- Actively test operations by agitating operations beyond the normal baseline
- Analyze data received directly from the operations tested
- Analyze indirect data from resources and operators (i.e. workers, programs)
- Correlate and reconcile intelligence from direct (step 3) and indirect (step 4) data test results to determine operational security processes
- Determine and reconcile errors
- Derive metrics from both normal and agitated operations
- Correlate and reconcile intelligence between normal and agitated (steps 1 and 2) operations to determine the optimal level of protection and control which would best be implemented
- Map the optimal state of operations (step 8) to processes (step 5)
- Create a gap analysis to determine what enhancements are needed for processes governing necessary protection and controls (step 5) to achieve the optimal operational state (step 8) from the current one
We’ll go through the results with you and discuss our findings along with relevant techniques we used to exploit vulnerabilities. We will also provide recommendations on remediation solutions for any issues we uncover.
In addition to providing an understanding of what needs to be fixed and how, we believe it’s important to put the results of the penetration testing evolution in the context of business impact.
For instance, finding a remote service that is still configured to accept the default factory login is easy to fix. But what kind of damage could an attacker cause by taking advantage of the vulnerability? Could it be leveraged to gain access to internal systems containing credit card data or intellectual capital? How might such a breach affect the bottom line (regulatory fines, litigation, etc)?
We’ll discuss all of this with you and ensure you’re left with a thorough understanding of the state of your security posture upon completion of our penetration testing effort.