Identify, Protect, Detect, Respond, Recover

Offensive Security

Vulnerability Assessment and Penetration Test

Scope

Web Application

This assessment is designed to identify, quantify and prioritize vulnerabilities of a web application by validating and verifying the effectiveness of the application’s security controls.

Examples are:
- Web Portal (cms, custom website etc.)
- CRM, ERP, TTS

Network

The network pen-test provides suggestions to better protect sensitive data and prevent take-over of systems by identifying real-world opportunities that can compromise systems and networks.

Examples are:
- Public Subnet
- Private Subnet (LAN, DMZ, etc)

Insider Threat

The aim of this assessment is to simulate actual risks and areas of concern by impersonating a disgruntled employee or a fraudulent consultant trying to steal info/data or to allow others to get inside the company’s perimeter.

Testing Assignment

Black Box

In this assignment, there is no internal knowledge of the target system. Testers are not provided with any architecture diagrams or source code that is not publicly available. A black-box penetration test determines the vulnerabilities in a system that are exploitable from outside the network.

Grey Box

A grey-box test is made with the access and knowledge level of a user, potentially with elevated privileges on a system. Grey-box pen-testers typically have some knowledge of a network’s internals, potentially including design and architecture documentation as well as an account internal to the network.

White Box

During a white box test, pen-testers are given full access to source code, architecture documentation and so forth. The main challenge with white-box testing is sifting through the massive amount of data available to identify potential points of weakness.

HOW DOES IT WORK?

Activity Flow

- Definition of activities and scope
- Definition of the rules of engagement
- Project execution
- Reporting

Methodologies

- OWASP (Open Web Application Security Project)
- OSSTMM (Open Source Security Testing Methodology Manual)

Classification

- CVSS3 (Common Vulnerability Scoring System Version 3.0)

Security Consulting

Source Code Analysis

This type of analysis is not the basic automated code debugging: by looking at the broader perspective of the application environment, the aim is to find bugs and faults that may not be obvious to a programmer. It is meant to find faults like possible buffer overflows or untidy use of pointers and misuse of garbage collection functions, all of which may be exploitable by a hacker.

Gap Analysis

Gap analysis is the examination of the actual security level against the potential or desired risk level, based on best practices and current law. The current state (As Is) is depicted and the steps to reach the expected state (To Be) are described. The methodology refers to standards such as the ISO 27001, NIST.

Digital Risk

In the most basic form, digital risk is the analysis of the risk to an organization’s digital resiliency. As an organization extends its social media presence, web presence, mobile application capabilities, etc., and has a greater dependency on that digital footprint to achieve its revenue goals or mission, the digital risk increases. Digital risk spans outside the traditional view of cyber threat intelligence tools and technologies. Typical examples are OSINT, SOCMINT.

Phishing Education

In order to increase the ability of the end user to spot fake or potentially harmful messages, via email or other media, it is mandatory to test your employee with generic or spear phishing attacks and to evaluate their response; this activity allows the company to assess the related security risk.

Security Awareness

Employees are part of an organization’s attack surface, and ensuring that they have the know-how to defend themselves and the organization against threats is a critical part of a healthy security program. Security awareness training is not a one-and-done exercise. Regular security training through multiple media is ideal.