Penetration Testing

“I am convinced there are only two types of companies, those that have been hacked & those that will be” – Robert Mueller (Former FBI Director)

Internal Penetration Test

An Internal Penetration Test differs from a vulnerability assessment in that it exploits the vulnerabilities it finds to determine what information is actually exposed. An Internal Penetration Test mimics the actions of an actual attacker exploiting weaknesses in network security without the usual dangers. This test examines internal IT systems for any weakness that could be used to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organisation to address each weakness.

NSC’s Internal Penetration Test follows documented security testing methodologies which can include:

  • Internal Network Scanning
  • Port Scanning
  • System Fingerprinting
  • Services Probing
  • Exploit Research
  • Manual Vulnerability Testing and Verification
  • Manual Configuration Weakness Testing and Verification
  • Limited Application Layer Testing
  • Firewall and ACL Testing
  • Administrator Privileges Escalation Testing
  • Password Strength Testing
  • Network Equipment Security Controls Testing
  • Database Security Controls Testing
  • Internal Network Scan for Known Trojans
  • Third-Party/Vendor Security Configuration Testing

The report generated as the output of this work is designed for both executive/board level and technical staff.

 

Why should we perform an Internal Penetration Test?

Internal penetration testing allows organisations to test how an attacker with the equivalent of internal access could perform unauthorised disclosure, misuse, alteration or destruction of confidential information, including Non-Public Personal Information (NPPI).

The organisation’s internal network (file servers, workstations, etc.) is exposed to threats such as external intruders who have breached perimeter defenses and malicious insiders attempting to access or damage sensitive information or IT resources. Organisations are therefore encouraged to test the internal network at least as frequently as they do the external perimeter.

Best Practice recommends that each organisation perform an Internal Penetration Test as part of their regular Security Program in order to ensure the security of their internal network defenses.


External Penetration Test

An External Penetration Test differs from a vulnerability assessment in that it exploits the vulnerabilities it finds to determine what information is actually exposed to the outside world. An External Penetration Test mimics the actions of an actual attacker exploiting weaknesses in the network security without the usual dangers. This test examines external IT systems for any weakness that could be used by an external attacker to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organisation to address each weakness.

NSC’s External Penetration Test follows best practice in penetration testing methodologies, which includes:

  • Footprinting
  • Public Information & Information Leakage
  • DNS Analysis & DNS Bruteforcing
  • Port Scanning
  • System Fingerprinting
  • Services Probing
  • Exploit Research
  • Manual Vulnerability Testing and Verification of Identified Vulnerabilities
  • Intrusion Detection/Prevention System Testing
  • Password Service Strength Testing
  • Remediation Retest (optional)

 

Why Should I Perform an External Penetration Test?

IT Security Compliance regulations and guidelines (GLBA, NCUA, FFIEC, HIPAA, etc.) require an organisation to conduct independent testing of the Information Security Program to identify vulnerabilities that could result in unauthorised disclosure, misuse, alteration or destruction of confidential information, including Non-Public Personal Information (NPPI).

The Internet-facing components (website, email servers, etc.) of the organisation’s network are constantly exposed to threats from hackers.

Best Practice requires that each organisation should perform an External Penetration Test in addition to regular security assessments in order to ensure the security of their external network.

 

Web Application Penetration Test

Web applications have become common targets for attackers. Attackers can leverage relatively simple vulnerabilities to gain access to confidential information, most likely containing personally identifiable information.

While traditional firewalls and other network security controls are an important layer of any Information Security Program, they can’t defend or alert against many of the attack vectors specific to web applications. It is critical for an organisation to ensure that its web applications are not susceptible to common types of attack.

Best Practice suggests that an organisation should perform a web application test in addition to regular security assessments in order to ensure the security of its web applications.

NSC’s Web Application Testing methodology is based on the Open Web Application Security Project (OWASP) methodology which includes:

  • Software Infrastructure/Design Weaknesses
  • Input Validation Attacks
  • Cross Site Scripting Attacks
  • Script Injection Attacks (SQL Injection)
  • CGI Vulnerabilities
  • Password Cracking
  • Cookie Theft
  • User Privilege Elevation
  • Web/Application Server Insecurity
  • Security of Plug-In Code
  • 3rd Party Software Vulnerabilities
  • Database Vulnerabilities
  • Privacy Exposures

NSC’s Web Application Penetration Tests are performed by experienced security engineers with extensive knowledge and many years of experience testing online applications. NSC’s web application testing methodology uses the best of manual techniques followed by automated tools to ensure total application coverage. The methodology allows NSC’s consultants to be consistent in finding vulnerabilities beyond what may be found with automated scanning tools alone.