Cyberteam Security testing attempts to exploit identified vulnerabilities, actually exposing the weakest links. Flaws in software, processes, ineffective configurations and human errors are realities all organisations must face.
Cyber criminals are consistently hunting for vulnerabilities and weaknesses to exploit. Finding just one vulnerability may be all they need to gain access to an organisation's critical assets. Cyberteam Security's systematic infrastructure security testing and validation offer real help to IT support teams to identify vulnerabilities in a timely manner and, through additional screening, to understand whether they can be exploited.
Security scanning/penetration testing engagements involve deliberate white hat attacks performed under controlled conditions by sanctioned parties in order to demonstrate the presence of security weaknesses in a target system:
- Ethical Hacking – Penetration testing involves ethical hacking of a target system to find (a small subset of) exploitable vulnerabilities.
- Controlled Process – The best penetration testing processes balance the creativity of the tester with control of collateral damage.
- Trending – Penetration testing will continue to grow in prominence, especially with new IoT systems that will require advanced testing.
Penetration Test Vulnerability and Attack Detection
In practice, the majority of penetration testing engagements we do will involve the following four steps:
- Target Identification – The best penetration testing projects involve clearly defined targets versus nebulous “hack-my-company” engagements. Without clear definitions of targets, the potential arises for unintended negative collateral damage. It is worth mentioning that less controlled target identification can lead to creative finds, but CISO teams must be very careful with this approach. The risk of collateral damage is high if ethical hackers are given access to anything they desire – and yes, for any Internet-facing applications, this condition already obviously exists.
- Ground Rules Establishment – Penetration testing can cause problems to production systems if careful ground rules are not established in advance. White hat hackers rarely understand the local culture of a company and are highly likely to create problems if allowed to proceed without defined boundaries. Email phishing tests, for example, can sometimes get out of hand.
- Execution Oversight – Insider oversight is recommended during any penetration testing that involves production systems. Such oversight will help ensure that real response activities are properly managed, and that response teams are eventually made aware that testing has been done. If the penetration test uncovers something that could affect customers, for example, then an insider must have the ability to step in and terminate the test.
- Results Interpretation – After the penetration testing process is completed as shown in the Ethical Hacking process infographic, the management teams must carefully interpret our results toward process improvement. Having an unopened final report on the CIO’s desk is arguably worse than not having done the penetration testing at all.
Security Testing Process
- Stage 0: Discovery
- Stage 1: Identification
  - Finding known vulnerabilities (based on CVEs)
  - Exploring assets for common weaknesses (based on CWE/SANS Top 25 and OWASP Top 10)
- Stage 2: Verification
  - Verifying details with the customer (asset owner)
  - Executing a Penetration Testing Proof of Concept (PoC)
- Stage 3: Reporting
  - Summary of vulnerabilities: A summary containing all identified vulnerabilities, including their impact.
  - Detailed findings of weaknesses: Details of the outcomes of the tests performed by the Cyberteam Security team, with detailed information for each identified vulnerability, and how we were able to determine these vulnerabilities.
  - Impact: Assessment of the impact on the organisation for each vulnerability.
  - Likelihood: Assessment of the probability of an exploit occurring.
  - Risk evaluation: Based on the impact and likelihood of an exploit, a risk evaluation is performed.
  - Recommendation: Our recommendation on risk remediation or mitigation and how to do this.
  - Conclusion and advice: In the conclusion, the Cyberteam Security team will elaborate on the results of the previous items and state guidance on the security posture of the organisation.
- Stage 4: Remediation
- Stage 5: Rescan
As part of discovery, the Cyberteam Security team collects information about the organisation's networks, servers, ports, applications and services to determine testing scope, with a focus on critical assets. The Discovery stage is carried out using foot-printing, scanning and enumeration techniques. This information provides the Cyberteam Security team with an accurate IT architecture overview and the insight required into where probable vulnerabilities or weaknesses could occur, and where valuable information is stored and available. The output of the discovery stage is then documented as an organisation's blueprint.
The information gathered from the Discovery stage is used to apply scanning and testing techniques, which allow identification of vulnerabilities and weaknesses in the networks, servers, systems and applications, with a focus on critical assets.
Two main activities are part of this step: finding known vulnerabilities (based on CVEs), and exploring assets for common weaknesses (based on CWE/SANS Top 25 and OWASP Top 10).
The audit of security flaws can be done in two ways:
After Stage 2 (Verification), the Cyberteam Security team experts produce an infrastructure security testing report on the testing performed and the information obtained on vulnerabilities and weaknesses that result in security flaws.
The report contains as a minimum the following items:
Risk evaluation and recommendation:
The recommended security remediation and mitigation actions are presented through a proposed action plan. The Cyberteam Security team can support in applying the suggested remediation and mitigation actions; for example, by performing additional testing, assisted patch management, source code review, and architecture design and configuration review.
After the remediation stage, a rescan is recommended to validate that all of the necessary remedial actions have been implemented successfully. This rescan is performed using the same vulnerability identification methods.
The Cyberteam Security team applies industry standards and best practices as part of its infrastructure security testing and validation methodologies. We conduct white box, black box and grey box penetration testing, and implement targeted security testing suited to an organisation's unique IT infrastructure.
We aim to provide our customers with optimal insight and actionable plans to effectively remediate and mitigate their cyber security risks.
The security scanning information shown above is mostly generic and based on best practice. To get a better understanding of what we can do for your business, all we ask is that you contact us to discuss your cyber security scanning needs to protect your IT systems and data.