Services

Vulnerability Assessment

A vulnerability assessment is an important aspect of an organization’s security program. This type of assessment activity helps to collect and inventory systems and applications across an environment. Performing vulnerability assessments helps an organization understand the vulnerabilities a system may have as well as the associated risk.

​

These assessments are typically performed at the network level, using automated and manual methods to first identify network systems. Then, the various ports, protocols and services running on those systems are enumerated. Lastly, vulnerabilities are identified and mapped to systems to give a snapshot in time of an organization’s technical security posture all while following the Open Source Security Testing Methodology Manual (OSSTMM) methodology.

Penetration Testing

Network

Penetration testing can be performed from an internal or external perspective.  External testing focuses on Internet facing assets, while internal testing focuses on the customer’s internal networks.  A penetration test, takes the data gathered during a vulnerability assessment and is used to further demonstrate the real-world effects of system vulnerabilities. An attacker’s perspective is employed and vulnerabilities are exploited, or otherwise utilized to show the genuine risk to an organization that the findings represent.

These types of tests help test the effectiveness of security controls and systems that are in place, and present a clear picture of an organization’s security posture. These tests also assist organizations to identify key areas in their security program that require enhancement, refinement, or reconfiguration. A penetration test is also frequently an effective way to test network monitoring and incident response based on whether the organization is able to identify and successfully respond to the threats presented.

​

Web Application

Web application security testing consists of both automated and skilled manual analysis for applications.  Once a complete understanding has been obtained of both the scope and architecture of the target application(s), automated tools are carefully configured and monitored in an effort to comprehensively test the enabled security controls, meant to protect the application’s exposed user interface.  Subsequent to automated analysis, targeted manual attack techniques are employed in order to validate the automated results and effectively evaluate the “real-world” impact of discovered vulnerabilities through proof-of-concept demonstrations.

​

Red Team Engagements

Red Team Engagements are commonly misconstrued as traditional penetration testing. Some of the facets of Red Team Engagements are similar to penetration testing: an adversarial perspective is employed in an attempt to gain unauthorized access to systems and data. However, Red Teaming involves a more focused, goal-oriented effort. This type of testing is meant for organizations with a very mature security posture, that have undergone numerous assessments. These organizations desire to test incident response teams and processes, and see how their security controls can withstand a focused persistent threat.

This type of assessment does not provide a holistic view of an organization’s overall security posture; it is meant to show what a focused adversary could accomplish with near-real world assessment conditions. Threat actor tactics, techniques and procedures are implemented in an attempt to execute a covert assessment, and simulate a determined adversary.  In the event that the Red Team activity is identified, the assessment can transition to a collaborative event, wherein active attacks are coordinated with security personnel in real-time. This can provide valuable intelligence, and allow security teams to better tune their detective controls, in real-time.

Social Engineering

Social Engineering (SE) Assessments utilize real-world scenarios and tactics to try to demonstrate the level of end user’s awareness to coercion attacks. These engagements can also highlight areas wherein organizational security policies, and technical controls, can be enhanced or used more efficiently to detect and prevent such attacks.

Phishing Engagements are one of the most common types of SE assessments. These projects simulate malicious threat actors that send emails to personnel, in an attempt to gather information, or gain control of end systems, and otherwise gain unauthorized access to systems and data. Phishing engagements can be tailored to fit the needs of the organization; everything from simply measuring the number of clicks on a phishing URL, to capturing user credentials, even so far as attempting to gain command and control of end user systems.

Another remote scenario for SE engagements is engaging in phone-based coercion attacks which utilize phone calls in an attempt to coerce end-users into performing actions that could aid an attacker.