What do we offer:
1. Network Security Testing:
- External Penetration Testing;
This activity involves the type of attack that a wrong do-er will use for remote escalation of privileges. We use powerful software and this type of penetration testing may result in denial of system (DOS) and the impossibility of use of the designated targets by the client.
- Internal Penetration Testing.
This type of attack should be performed both remote and on client’s premises to simulate the scenario when the perpetrate has access to internal network. Those scenarios work hand-in-hand.
2. Application Security Testing;
If the application is in-house we can simulate any type of scenario in order to best fit client’s application.
3. Mobile App Penetration Testing;
Those test are performed with custom devices in order to test and over-test a specific mobile application and can provide very useful knowledge to mobile developers. Our team can work hand-in-hand with the software development company in order to provide most advanced protection for the app.
4. Web App Penetration Testing;
Those test are performed remotely for a specific application and can provide very useful knowledge to web developers. Our team can work hand-in-hand with the software development company in order to provide most advanced protection for web app.
5. Physical & Wireless Security Testing on client’s premises;
Those test are performed in the range of the wireless network with specific tools (very powerful also). Wireless network is usually an Awhile\s weak spot and most of the big firms, including banks and other financial institutions neglect to consolidate. An wireless network can provide an entry point for the attacker and should be considered highly important.
6. Client’s employees training.
- Social engineering attacks (SEA) are one of the most popular nowadays.
SEA is NOT a Cyber attack. It’s a hack, when the hacker for example impersonates somebody trustworthy (for example: an IT engineer of the company) in order to find crucial information about the network (usually login ID and pass). A good employee should follow some simple rules, but those rules provided by our team should be considered crucial in order to provide protection for the company data.
- Training the end-users is also crucial because ALL other measures are in vain if a young intern, let’s say, gives the credentials to a hacker.
- With a simple Google, Facebook and Instagram research a hacker can use a script to generate a password list in order to brute-force the account of an employee. For example a password like pet-name_date_of_birth can be hacked in seconds after a quick research.
II. What do we do:
1. An exhaustive meeting with the client in order to provide the best package possible to satisfy his needs.
2. remote system discovery:
- we verify with the client the ownership of this discovered assets (IP’s)
- identication of vulnerabilities and security weaknesses.
- gain unauthorized access to organizational data !
- we modify / extend pubic exploits (an exploit is a piece of code which compromises the protection of the target. It usually can give the attacker a shell, the possibility to use the command line to read, write, delete data) to fit the actual targets !
- all in accordance with the recommendations outlined in NIST 800-115 and ISO 27001;
- remote or on local on premises.
4. report / risk rating:
- detailed report of the actions performed on the target(s). Those reports are technical and are usually designated to client’s software developers in order to mitigate the risks and resolve the vulnerabilities);
- determining the impact of a security breach (HIGH / MEDIUM / LOW);
- conclusion – This is basically a non-technical report designated to the CEO of the company in order to understand the real scenarios and the problems we found during auditing.
- punctual report of the leading market solutions in order to receive best protection from the audit on.
6. feedback from client
- crucial step, because we have the liability for the client data and we have to be sure that the client understood each part of the audit and he will take appropriate measures in order to comply with our recommendations.
III. What costs are involved**:
We can provide basically any type of service that fits the actual client’s needs
- Lightweight / Basic: only a general check of the site / application / internal network, followed by a summary report and some recommendations;
- Normal: complete evaluation of the client using the most common methods, looking for the most common vulnerabilities, all at a standard level;
- Thorough / Advanced: a long-term examination, including almost all possibilities of attack + plus a complex report + plus precise recommendations
- Specific: this evaluation is for special cases, when a customer wants to examine an application, a site, an operating system, a software he uses (or a group of such things), the internal network (anything specific);
- Training: this unique package provides know-how to client’s employees in order to reduce human factor error and social engineering attacks.
Appendix A: Vulnerability Detail and Mitigation:
Risk Rating Scale – in accordance with NIST 800-30
- Default of Weak Credentials
- Password Reuse
- Shared Administrator Password
- Patch ManagementDNZ Zone Transfer
- Default Apache Files
- Network Segmentation
- Human Factor
* OS – all tests and actions are conducted under controlled conditions
** We shape the final price based on the number of targets and the required testing methods. We will be pleased to provide an estimate for your project.