HOW IT WORKS

1 INFORMATION GATHERING

In this stage we perform detailed reconnaissance about the network, its architecture, firewall configurations and other related intelligence. Automated scanners are used to simulate black-box testing environment.

2 PLANNING AND ANALYSIS

Based on the information collected we devise a full scale “Red Team” approach to mimic real time attacks. To minimise impact we plan the attack, either on dummy environment or during times of lowest network activity (lowest traffic).

3 VULNERABILITY ASSESSMENT

In this stage, we run vulnerability scanners to look for possible vulnerabilities and common vulnerabilities related to the platform, services, open ports, obsolete firmware builds, unauthenticated devices etc.

4 PENETRATION TESTING

Here we run exploits on the network to evaluate its security. We use custom scripts, open source exploits, in-house tools and third-party exploit frameworks to achieve high degree of penetration. For every network device, we conduct dedicated security assessments to find vulnerabilities and launch the attack.

5 REPORTING

We generate concise and succinct reports of the vulnerabilities discovered along with discussion on the nature of vulnerability, its impact, threat level and recommendation to remove the vulnerability.

6 DISCUSSION

Our technical experts discuss the report, along with the bugs found, and their impact scenario with the development team of the client. We also suggest best practices on how to implement network resilience: device level security, rogue device detection, endpoint and perimeter security.

ADVANTAGES

  • Comprehensive risk assessment of the entire IT Infrastructure of the organisation.
  • Strategic planning to minimise impact on day to day activities of the firm.
  • Reduce the risk of cyberattacks by over 90%.
  • Ensure 85% compliance to standards like ISO27001, COBIT etc.

Contact Us