Cyber security tactics and techniques are constantly evolving. It is essential to regularly test your security systems and solutions to verify that they are maintaining a strong defence against known and unknown threats.

Autodata adopts a consultative approach to understanding your current security posture, showing you how to implement and configure your existing security solutions to best protect your data.

Why Pen-Test?

Penetration testing, or pen-testing, helps you to understand which threats and vulnerabilities pose the most risk to your business. Our CREST Star, Offensive Security (OSCP/OSWP) certified team is trained to act as if they were malicious attackers, helping you understand how your security systems would stand up against a real attack. With this information you will be able to measure and determine the impact of the risks and the likelihood of experiencing a breach.

Internal and External Infrastructure Assessments
These assessments provide a snapshot (MOT) of the current security posture and the state of your business's internal systems. Vulnerabilities within your infrastructure are usually down to poor configuration and an inadequate patching policy and/or process.

Our Internal Infrastructure Assessment allows you to understand the potential impact of an attacker attempting to breach your security, whether someone who has gained a secure position within your network or a disgruntled employee. You may choose to run this assessment as a credentialed or non-credentialed assessment (however, if credentials are required, they need to be provided prior to the start of the testing). The assessment is divided into three phases:

  1. Profiling: enumeration of all devices deemed in scope to ascertain whether devices are responsive and alive
  2. Discovery: during this phase automated and manual tools will be used to scan and locate devices and services within the agreed target IP address ranges. This will provide a list of potential targets for further assessment and identify all devices and active services across the agreed scope, which will allow potential vulnerabilities to be highlighted. The following tests will be carried out during this phase:
    • TCP and UDP Port Scanning: Nmap is generally used for this test although other tools may be utilised
    • Service Identification: during this process various techniques will be used to identify the type and version of all active services. The services examined may include: RAS, VPN, Telnet, SSH, R-services, SNMP, TFTP, NFS, Active Directory services, HTTP, HTTPS, MSSQL etc.
    • Network Mapping: using tools such as Nmap, Trace Routing and IP fingerprinting
    • User enumeration (if services are available to complete this process)
    • Security Devices: routers, switches and firewalls will be assessed during this stage as it is crucial that these devices are configured and secured correctly

Once the five tests above have been completed, manual checks are implemented to further investigate all findings and establish open attack vectors through known vulnerabilities.

  3. Assessment: during this phase a detailed manual testing approach will be followed which will investigate the following areas:
    • Host Device & Service Configuration: poor configuration and/or inadequate processes can leave a system insecure, with running services opening attack vectors that could lead to simple access to, and compromise of, company systems
    • Patching: through poor implementation of a business’ patching strategy, systems can be open to attack through running vulnerable services
    • Clear Text Protocols: services such as FTP, Telnet and older legacy services which do not encrypt data or credentials are often an easy way for an attacker to gain unauthorised access to your data. These types of services will be reviewed and tested here

Our External Infrastructure Assessment allows you to gain an overview of your current security posture through mimicking hacker attempts on your public facing profile and architecture. The assessment is divided into three phases:

  1. Profiling: this will involve investigation of your current internet profile using non-invasive techniques such as:
    • Domain-based discovery: enumeration of Internet DNS databases, attempts to investigate the listed DNS servers via DNS zone transfer, and a review of your customer website/s (if available), as this can leak a great deal of information pertaining to external and internal networks etc.
    • Open source vulnerability checks: company database, web, newsgroup, IRC and social network searches
    • Bounce email messages to determine location of mail servers
  2. Discovery: the same process as in the Internal Assessment above will be followed. The following tests will be carried out during this phase:
    • TCP and UDP Port Scanning: Nmap is generally used for this test although other tools may be utilised
    • Service Identification: during this process techniques will be used to identify the type and version of all active services. The services examined may include: RAS, VPN, etc.
    • Network Mapping: This may use tools such as Nmap, Trace Routing and IP fingerprinting
    • User enumeration (if services are available to complete this process)
    • Email, DNS and other third-party services: will be assessed for weaknesses

Once the five tests above have been completed, manual checks are implemented to further investigate all findings and establish open attack vectors through known vulnerabilities.

  3. Assessment: the same process as in the Internal Assessment above will be followed here.

Post Internal and External Assessment
We use all information gathered in the various stages of assessment to formulate a tailored attack/exploit strategy for your business. Attacks could include buffer overflows or simple brute forcing and password guessing techniques. If an avenue is exploited, our Security Consultant will attempt to gain further access to your affected system by trying to escalate their privileges.

All of the above processes will be fully documented, and a full clean-up process will be implemented at the end of the assessment to ensure your systems are returned to their original state.

No exploitation of any system is implemented without your prior authorisation.

Performing regular penetration tests is essential to ensure and evidence that your security solutions are delivering the protection your organisation needs.

Get in touch today to arrange a scoping call for your next Penetration Test.

Helping you deal with Penetration Testing

Call us on 020 7749 7949