HOW IT WORKS

1 INFORMATION GATHERING

In this stage we perform detailed reconnaissance about the server, its architecture, firewall configurations and other related intelligence. Certain inputs are also sought from the Dev team.

2 PLANNING AND ANALYSIS

Based on the information collected we devise a full scale “Red Team” approach to mimic real time attacks. To minimise impact we plan the attack, either on dummy environment or during times of lowest network activity (lowest traffic).

3 VULNERABILITY ASSESSMENT

In this stage, we run vulnerability scanners to look for possible vulnerabilities related to the platform, services, open ports technology framework etc.

4 PENETRATION TESTING

Here we run exploits on the server to evaluate its security. We use custom scripts, open source exploits, in-house tools and third-party exploit frameworks to achieve high degree of penetration.

5 REPORTING

We generate concise and succinct reports of the vulnerabilities discovered along with discussion on the nature of vulnerability, its impact, threat level and recommendation to remove the vulnerability.

6 DISCUSSION

Our technical experts discuss the report, along with the bugs found, and their impact scenario with the development team of the client. We also suggest best practices on how to maintain high degree of server security; integrating patch management, firewall updates and vulnerability assessment to maximise cyber resilience.

ADVANTAGES

  • Proactive reporting of critical vulnerabilities affecting server security.
  • Prevent breach of confidential information like customer details, bank account details, server credentials and other Personal Identifiable Information.
  • Prevent unauthorised access to the servers, unaffordable downtimes and disruption of business.
  • Suggestions on best practices of patch management, firewall updates, access management and data security.

Contact Us