Professional Cyber Security Services
Web Penetration Test
This service is a combination of automated and manual testing (our policy is to prioritize the latter). The main purpose of conducting this type of service is the proactive detection of weaknesses in information security and vulnerabilities in an organization.
The way this service works is as follows:
- Reconnaissance is conducted to identify services, technologies, including their versions, how they are configured and how they work.
- An initial automated scan for vulnerabilities is performed with a minimum of 2 popular scanners such as Acunetix and Netsparker.
- The results of an automatic scan, as well as the findings of our specialists, are verified and the collected information is used for subsequent actions aimed at obtaining access in one way or another.
- A comprehensive application security review is performed within the agreed scope, using our checklist of checks and vulnerability detection methods aligned with global standards and best practices.
- An attempt is made to escalate access using the vulnerabilities found.
- A final report is prepared, which includes detailed information on all vulnerabilities found, as well as recommendations for remediation, references, etc. The report also includes a section dedicated to people management, in which everything is described in detail with as little technical language and terminology as possible.
- After agreeing on a period for removal, the customer has the opportunity to receive a retest of the agreed scope within 6 months of the initial tests being carried out completely free of charge.
- A retest report is being prepared.
Our methodology for performing penetration tests is in line with leading ones, necessarily including the following phases:
Phase 1: Reconnaissance
Phase 2: Scan
Phase 3: Gaining Access
Phase 4: Escalation of Privileges
Types of web penetration tests, according to the level of access:
Black box test
No prior knowledge of technology or the exact scope of a company is required. No access to the given application or system needs to be granted. The results are based on the initial access that our specialists had.
Gray box test
It is possible to grant partial client-side access to in-scope applications. Partial technology and infrastructure information is provided for the applications in scope. It is recommended to use this approach for business applications as well as applications that are only used by people with pre-granted access.
Network Penetration Test
Network penetration tests examine the security of an organization’s internal and public networks, as well as related services. The service is recommended for companies that have a large range of public services and available public IPv4 addresses. Another type of company for which this service would be useful are those that have large internal networks with multiple services and important information.
Both web penetration tests and network penetration tests have 2 divisions.
// Internal network penetration test
With this service, our specialists get access to the company’s internal network via VPN or physically. Penetration attempts include a large set of checks for misconfiguration of your services, insufficient efforts to improve security, presence of publicly known vulnerabilities, and many other checks that are performed by specialists, not just vulnerability scanning software).
One of the goals of this service is for our specialists to find as many security gaps as possible in all your services and systems and to fix them in advance. Another aspect that most companies miss is that sometimes the employees themselves are the main security risk factor. We try to play out possible scenarios that could clearly show how so-called rogue employees can compromise the security of your company.
The tests that our specialists conduct also focus on the risks of unauthorized individuals “spreading into your network” using employee credentials that have already been compromised or other vulnerabilities.
// External network penetration test
Most organizations have multiple public servers, services, and systems that are accessed by employees, customers, and partners alike. The public IT asset security testing service focuses on surveying the following:
- Discovery of endpoints, domains and subdomains
Identify services, ports, technologies, versions, service providers
- Scan for ports and their configuration in the firewall
- Identify services and their versions and configuration
- Automated testing against all public and available vulnerabilities
- Manual vulnerability detection
- Verification of discovered vulnerabilities
- Exploitation of discovered vulnerabilities, through public or private exploits
- Using specific or proprietary scripts to exploit vulnerabilities or security flaws
- Escalating access through compromised initials or access keys
Both internal penetration testing and external penetration testing are performed using our checklist, which has been developed over years and is proven to produce good results.
For any service that has a web interface, tests are performed that overlap with those of the web penetration test, given the fact that many services nowadays use a web environment that is designed for the user.
Similar to web penetration tests, a detailed report is issued upon completion that includes the following points:
- Summary (a detailed description of the findings and conclusions, using as little technical language and terminology as possible.)
- Information Gathering
- Risk Assessment
- Scope and objectives
- Checklist, depending on the type of service
- Every vulnerability found, with full description, references, screenshots, remediation instructions.
- Positive characteristics and conclusions
- Recommendations (concluded in 3 categories, according to the findings during the test – short-term, medium-term and long-term)