Improve Your Security Posture and Protect Your IT Assets
By engaging in Penetration Testing Services, you will be taking a giant leap towards achieving stronger security controls. Both automated and manual testing technologies are utilized to identify vulnerabilities. These technologies are capable of identifying vulnerabilities in many different types of systems, including, but not limited to, servers, workstations, web applications, Internet of Things (IoT), Industrial Control Systems (ICS), firewalls, switches, point of sale (POS) systems, and many more endpoints. Throughout the security assessment, each successfully exploited vulnerability is detailed within a comprehensive report. The report will also contain any relevant information to assist in remediation, an estimated associated risk to the business, and, most importantly, the information needed to secure your environment.
An external penetration test includes testing of systems connected or accessible to public network infrastructure. Internal penetration testing involves the testing of systems connected or accessible to internal network infrastructure. A web application penetration test can uncover vulnerabilities in the web application itself, which may lead to the possible compromise of other related shared infrastructure. The methodologies used and the approach to each type of penetration test are dynamic, and it is up to the tester to choose the most appropriate set of tools for the test. Although most of the penetration testing process is manual, Elevate provides its testers with the necessary resources, including industry-proven commercial testing solutions. In addition, testers must use their discretion when deciding to use many of the open-source tools that adversaries have available as well. The penetration testing process can be broken up into several distinct phases. These phases include reconnaissance, scanning, exploitation, and reporting.
Reconnaissance
A non-intrusive process that involves the collection of technical and non-technical information, typically publicly available information, which can be obtained through internet searches, social media, and social engineering. The goal is to gain as much knowledge and information about the target environment as possible.
Example Tools: Search Engines (Google, Yahoo, Bing, etc.), Google Hacking (Dorking), Public Source Code Review, WHOIS, Netcraft, Shodan, Social Media (Facebook, LinkedIn, Twitter, etc.).
Scanning
Utilize both commercial and open-source vulnerability scanning tools to enumerate services and detect vulnerabilities. This process is highly automated to increase collection speed, but it is critical for gathering relevant information about the targeted system. By detecting known vulnerabilities, the scanning phase highlights weaknesses and possible entry points on the target network.
Example Tools: Qualys Vulnerability Scanning Solution, Burp Suite Scanner, OpenVAS, Nmap.
Exploitation
The highly sophisticated process of acting as the adversary, utilizing the information that was collected during the reconnaissance and scanning phases to exploit and validate vulnerabilities. This phase also includes the discovery of vulnerabilities not detected by any scanner, as well as possible lateral movement throughout the target environment with the use of manual exploit techniques. Public databases of exploits, such as Exploit-DB, will be used to manually craft exploits.
Example Tools: Kali Linux, Burp Suite, Metasploit, Manual Exploitation.
Reporting
Deliver a comprehensive report including all identified and manually validated security vulnerabilities. This report is intended to assist in identifying vulnerabilities, their associated risk to the business, and also the information needed to assist in remediation.
Penetration Testing Services
External Penetration Test
External Penetration Testing examines the external network systems for any weaknesses that could be used to disrupt the confidentiality, availability, or integrity of the network. Penetration tests differ from vulnerability assessments because testers exploit vulnerabilities to determine what information is exposed and use lateral movement when possible to discover new vulnerabilities.
Internal Penetration Test
Internal Penetration Testing examines the internal network systems for any weaknesses that could be used to disrupt the confidentiality, availability, or integrity of the network. A tester will find and exploit vulnerabilities and move laterally where possible to discover new vulnerabilities within other systems.
Web Application Penetration Test
Web Application Penetration Testing is designed to assess all types of web applications, ranging from static content websites to all-encompassing transactional e-commerce environments. Elevate focuses on looking at the application logic that has been built into the website and pays close attention to any aspect of the environment that allows user input. Both server-side and client-side attacks are assessed. Elevate will provide advice and guidance on how you can improve the security of your web applications.
Types of Penetration Testing
Black Box Testing (No Knowledge of the Network)
The intention of a Black Box test is to simulate the behavior of a malicious attacker who starts off with limited information about the infrastructure they wish to compromise. All efforts are therefore based on information that can be found publicly through the Internet and public information forums.
During a Black Box Penetration Test, Elevate will scour news and chat rooms looking for information about the client’s people and infrastructure. Elevate will query social websites such as Facebook, LinkedIn, and Twitter to try to find information about the people who work within the client’s environment. Elevate will query Internet registries, DNS, and mail and hosting providers to extract information that could be used as part of the Penetration Testing engagement. Elevate will try to enumerate the people, processes, partners, and technologies that ultimately come together to influence an organization’s IT infrastructure.
Black Box Penetration Testing is a very popular approach to assessing an organization’s information security posture. In most instances, it tends to be a relatively straightforward process to mimic an external infrastructure using publicly accessible material. Elevate advises that Black Box testing alone does not provide a complete snapshot of an organization’s security weaknesses. Although it may yield results comparable to those of a malicious attacker, organizations face many other security threats from trading partners, suppliers, competitors, and employees who have relevant information about the organization that could be used in a more structured attack. For instance, trading partners may have been granted login credentials to access a procurement or stock management system. Using these credentials, a rogue employee at one of these trading partners could initiate an attack that would not ordinarily be identified within a Black Box testing engagement.
White Box Testing (Knowledge of the Infrastructure)
It is important for organizations to identify where their Risk and Threat emanate from. If they perceive that it comes from employees, customers, or trading partners, it may be beneficial to conduct a White Box Penetration Test. Employees, customers, and trading partners have knowledge about your Information Assets. They may know that you have an Intranet or Extranet site, and they may also have credentials that allow them to log in to it. They may know employees who work within the organization, the management structure, applications that run within the environment, as well as the organization’s overall approach to risk, threat, and Information Security as a whole. All this information can be used to launch more targeted attacks against an infrastructure, which may not be identified as part of a Black Box testing engagement.
It is important to determine what controls you wish to assess with your Penetration test. From there, we can discuss the proper environment to run a Penetration test for your organization and begin the steps of testing out the security of your network.