Infrastructure Vulnerability Analysis
IT security is a complex topic that involves procedures that require explanation. In order to explain our services to you in a comprehensible way, we have put them into an everyday context. The protagonists are our basement keepers Maximilian and Amir.
"Maximilian is furious! The mailman didn't ring the bell again today. He's been looking forward to his new, extra-wide, high-resolution PC monitor for his office for days. Maximilian picks up the phone and begins tracking down his missing package."
Denial & Anger
Still angry and on hold, Maximilian mentally puts his words together. Our experts plan in advance the scope of the project and which IP addresses are to be checked.
Finally, someone is on the line! Maximilian gives vent to his anger and starts negotiating. Like the postal employee, our experts search for weak points in the affected system.
Reporting & Documentation
Maximilian's hopes of finding the package quickly fade. Disappointed, he requests a statement to complain to the seller. All vulnerabilities found are provided to you as a report with risk assessment and recommended action.
Presentation & Support
Max stares dejectedly out the window when Amir enters the room. Jokingly, he asks what has happend to his eyebrows. Unlike Amir, you don't get an angry look from us but a presentation of the most important findings.
Infrastructure Vulnerability Analysis (IVA) focuses on application and database servers as well as other infrastructure elements such as network nodes. During an IVA, the offensive expert uses predefined and delimited network areas to be checked. Using publicly available commercial and homegrown frameworks and tools, the vulnerability and exploitability of individual systems is assessed and exploited. Lateral Movement and Privilege Escalation are used to move from compromised systems to other infrastructure elements, typically critical servers such as domain controllers. The goal is to determine the number of vulnerable and exploitable nodes and how they can be exploited. The IVA can also assess the overall security posture of network nodes and corresponding infrastructure elements such as routers and access points. The offensive expert analyzes the configuration of network nodes and ensures that up-to-date cryptographic settings are in place, such as WPA2-Enterprise (local access to infrastructure required).
In case of an authenticated approach, credentials of an unprivileged employee account are provided to the offensive expert. This approach allows to obtain more information about the predefined systems and improve the overall security.
In the case of an unauthenticated approach, the offensive expert will receive only the network areas provided by the customer and no corresponding credentials. In this approach, the offensive expert will attempt to gain access to the systems from the perspective of an attacker located on the network.