Our offering we call security analysis and not penetration test by intention.
- We know, that there are vulnerabilities, but we do not have all exploits.
- We do not have the endless time to get an exploit working as a hacker or hacker group can do.
- Once a system is not on the latest patch level, it is at risk.
- A penetration test is always very selective.
- All penetration tester use the same tools.
- Vulnerabilities found by hacker groups are kept secret as long as possible. As long as I’m not part of such a group, I have no access to such an exploit.
- The biggest danger today is no longer the server in the DMZ, but the browser on the client system .
A security analysis from us contains these parts:
- Configuration review
- Vulnerability scan
- Firewall review
How we proceed:
Usually we start with a configuration review of the relevant systems.
They are all either Linux, Solaris, AIX, Apple, openBSD or Microsoft. All these systems got their vulnerabilites. As a normal customer of one of the big suppliers, I have no other choice then to apply known fixes and to implement configuration methods which are widely known by the industry. Additionally we do a vulnerability scan. Afterwards it is very simple to find out, if a system is current or not.
For the scans we use known tools like nmap, openVAS, metasploit, Kali Linuxk and others.
Experience shows, that in case of a configuration review, we do not have to look at every single system if you got 500 and more systems. Usually they are all install the same way, using the same procedure. If not it is quickly very obvious, that every system is done individually. If an automated installation is in place, mistakes can be corrected very efficiently. At the end, it is the customer who decides, how many of the systems have to be checked.
Generally we use “least privilege”. Software which is not required should not be installed. Who does not need the right, don’t get it.
The next point we care, are firewall rules. These rules we check directly on the firewall. As the whole firewall configuration.
As a result you get a report which shows you the weakness of your environment. With every weakness we also give you a recommendation, who the vulnerability can be removed.