IT Penetration Testing and Security Assessments
Cyberology Consultants divides Penetration Testing and Security Assessment into two stages. Stage 1 covers the steps taken in a penetration test, which provide a view of the threats faced by the organization from the outsider. Our Penetration Testers don’t rely solely on automated security scanners. Rather, we take time to interact with the systems and find the vulnerabilities if they exist. In other words, we assume the role of a hacker trying to penetrate your IT defenses. Stage 2 covers additional steps taken in a complete vulnerability assessment, which assess the weakness from inside the network. We examine the network’s vulnerabilities to employee malice or carelessness. Additionally, a full policy review can be conducted to identify weaknesses in the structure and enforcement. We offer the ability for your organization to choose the components of this stage 1 and 2 models that meet your needs, and design an assessment that will address your concerns.
Stage 1 – Penetration Testing
Penetration testing begins with Physical and Technical Reconnaissance. During Physical Reconnaissance there is an information sweep in which an attempt is made to determine how much information is available on the client organization.
After this step is completed Social Engineering techniques will be used in an attempt to illicit sensitive company / IT information which could be utilized in a network attack. These techniques gauge the security awareness of the staff and the vulnerabilities faced from security ignorance. The techniques include pretext phone calls and site visits such as posing as vendors, employees, IT support personnel, clients, etc.
Technical Reconnaissance is next and includes steps such as Network mapping, Router Discovery, Ping Sweeps and Port Scanning, Operating System / Application Fingerprinting, War-Dialing, and Wireless Sweeps.
Once a viable lists of targets is generated, actual Penetration Techniques are deployed in an effort to demonstrate Proof of Concept. Extreme care is used not to disrupt business operations.
This stage can cover the all Internet Facing Servers or your organization can opt to concentrate on specific areas such as a Web or E-Mail Server.
Full Security Evaluation Can Include:
- Hands On Penetration Testing – Not Just Automated Scans
- Security Assessment From The Inside
- Policy Review and Revision
- Testing Employee Security Knowledge
Stage 2 – Vulnerability Assessment
Although the Vulnerability Assessment is distinct from Penetration Testing these methods may overlap. Vulnerability assessments can encompass a broad range of actions from policy and access control list review to vulnerability scans from inside the network environment. This can happen with a trusted insider, who can cause significant network damage intentionally or accidentally. Moreover, this dismissed employee, formerly trusted by the organization, poses one of the greatest threats.
To mitigate these threats the following actions will be performed in this stage:
- Firewall Rule Set Review
- Router Access Control List Review
- Physical Computer (Server) Access Control (Physical Security Review)
- IT Policy Review
- Domain review – Active Directory / User Accounts / Permissions
- Employee External Access Capabilities
- Revocation Policy of Dismissed Employees
- E-Mail Storage / Access Policy
- Locally Installed Application Review
- Security Interviews of IT Staff and Workforce Control Group
- Log Management
- Back-Up Policies / Storage
- Vulnerability Scanners