Penetration Test

A Risk-Based Audit

With a penetration test, you identify vulnerabilities in your infrastructure. This enables you to prevent damage such as data theft, manipulation or sabotage. In addition, a hardened system reduces the risk of failures and outages such as those caused by denial-of-service attacks. Our penetration tests are led by OSCP-certified personnel.


Attacks on companies' digital infrastructure are becoming increasingly common. Penetration tests simulate this type of targeted attack. A penetration test starts with a detailed analysis of the external and internal infrastructure, called information gathering. The next step is a comprehensive analysis of the collected data and, if desired, active exploitation of the vulnerabilities found.

During a penetration test, you get regular reports that keep you up to date on the ongoing steps. At the very end, you get a final report that contains all the details about the issues, their rating and how to address them. Every issue is prioritized, which makes it easier to decide on your next step.


Industrial Control Systems (ICS) and critical infrastructures are often summarized under the buzzword SCADA. They usually consist of multiple highly specialized devices that monitor and control industrial processes. Even the smallest production lines have Programmable Logic Controllers (PLCs), actuators or sensors. The increasing connectivity promoted under Industry 4.0 leads to new targets and new security-relevant issues.

During an audit, we analyze relevant attack vectors and, if desired, verify identified vulnerabilities by exploiting them. To assess the security of your plant, we look not only at SCADA-relevant vectors such as manipulation of actuators or sensors, but also at traditional targets such as web servers. An additional focus is the separation of OT and IT networks as well as defense in depth.

Web Applications

Web applications are popular targets of cyber attacks because they are so widespread and accessible worldwide. During an audit, we carry out focused and realistic attacks on your web application in order to identify vulnerabilities and security-related issues. This includes the web server as well as other services that are needed to run your web application. These attacks may be carried out from the perspective of an external adversary as well as from that of a normal user.

The basis for the web application audit is the widely known Web Application Penetration Testing guideline published by the non-profit organization OWASP (Open Web Application Security Project) and its Application Security Verification Standard (ASVS).

Phases of a Security Audit

A typical audit consists of multiple steps. These steps may vary from audit to audit, but in general they are as follows:

  • During the preparation, the details of the audit are evaluated. For instance, we clarify which type of audit is best and which target is affected.
  • During the information gathering phase, we collect as much information and as many details about the target as possible. This includes technical details as well as mail addresses or social information that might help to compromise security.
  • After the details about the target have been gathered, the information is analyzed according to its security impact. After prior agreement with the client, the identified vulnerabilities may be verified via direct attacks.
  • Every audit ends with a detailed report that summarizes the identified vulnerabilities, their impact on the security state and the corresponding mitigation strategies. In addition, the highlights of the report may be presented in front of an audience.

Our Claim

  • Individual Services
  • Immediate Feedback for Critical Findings
  • Audits by Certified Experts
  • Total Integrity and Confidentiality
  • Regular Reports for Constant Overview