"With our Penetration Testing, it's not a question of whether we can steal your data, it's a question of how long it takes and how quickly your business systems and people will take to discover us. This is what allows you to understand the true measure of how effective your security is and where you need to take action."
It is a very important phase, if not basic, since through the collection of information the attack targets and objectives are outlined. It is a preparatory process to any Ethical Hacking service and has a life cycle that ends at the end of the penetration services, as it evolves and expands through the partial results of each test performed. It can be defined as the intelligence of the penetration services.
The Vulnerability Assessment phase is the process of identifying and cataloguing the flaws in a system. It is particularly useful for the report generation process, as it indicates quantifiable values with respect to the risk level of each detected flaw and the respective priorities for the subsequent mitigation process.
The Network Penetration Test is performed through attack procedures towards the exposed network and not at the company premises. It can be performed internally, externally and online and it is calibrated on the customer needs and objectives with WGB box (white, gray, black box) methodology. The basic objective is, like all penetration tests, to reach sensitive information of any kind.
The web is one of the main attack vectors with the highest success rate. The objective of this service is to check the security level of any interface and application reachable through browsers and similar. It is a very delicate phase, it must be performed with specific protocols as it aims at obtaining as a result all possible attack vectors with a positive outcome.
The increasing use of cell phones and tablets has pushed software companies to develop and provide end-user access to their infrastructure also for mobile terminals; in many cases the mobile channel is the only one used. This has increased the attack vectors making a successful cyber breach much more likely. Mobile Penetration Testing aims to detect these issues on different devices and terminals.
The attack is not just virtual. Any attacker will use any means at their disposal to obtain useful information. Physically entering the company is often a great way to do this. This procedure is used in special cases and/or at the request of the client.
The art of Reverse Engineering is a matter for few specialists. Understanding how a piece of software or hardware was created and designed is a process that is particularly integrated into penetration procedures, as it provides information, even partial, that is useful in recognizing appropriate attack vectors.
The most failed system of all: man and his mind. The Social Engineering aims to derive holes in the human corporate fabric: personalized phishing, phone calls and others are used to violate the mind of those who work in the company, and since a company is formed by people first of all, violating their routine is often the easiest and most dangerous attack to execute.
Managing and defining corporate security policies is the foundation of the practices every company should adopt. Structuring permissions according to the corporate level is the main objective of a proper security policy. This procedure must be defined in full collaboration with the client and its staff, to know their internal routines and decision-making/management processes.
If the client owns, develops and uses software, the Code Review phase is mandatory, as it corrects at the root flaws, bad programming habits and therefore future attack vectors. The revision modalities are decided according to the system and the company development process: on release candidate or major version, periodic, on demand.
The Risk Analysis study serves to outline the potential damage and business consequences in the event of a breach and in relation to the type of attack. It is often carried out in a preliminary phase or in partial mode with practices that anticipate the actual testing phases. It can also be performed periodically according to the technological and management updates of the company itself.
The security of the wireless network and corporate lan has the objective to limit and cancel the consequences of partial attacks executed from the outside or inside the company. It is integrated to studies of perimeter and zones of operativity in order to control sensitive parts of the company.
Enterprise electronic systems integrated with software and networking are often the cause of serious attack vectors. The control of these devices, such as alarms, terminals, stand alone machines is aimed at understanding that there are no electronic elements in the company with unsafe access and therefore easily violable by an external attacker.
The prevention of corporate information leakage is applied across all business sectors, from human to software and hardware. Data leakage is a cause of damage, a source of intelligence from external entities and often creates the basis for future attacks on the company itself.
Securing corporate communications, particularly at executive levels, with dedicated terminals and systems is critical to protecting highly sensitive information. Attacks often target top management.
This service is performed in response to damage or attack. The objective is to define and outline the level of corporate exposure, actual and potential damage. The service is offered on a priority and timely basis to follow up with the customer in the most appropriate way and move on to the Fast Fixing and Recovery phase.
In case an attack has caused permanent or non-permanent damages, a Recovery service is performed for the selective recovery of the lost information using appropriate protocols. A data recovery priority plan is outlined in case of high level criticality.
Monitoring inbound and outbound company traffic is one of the easiest ways to detect anomalies and intrusion attempts. This service is often related to Secure Hosting systems, but can be enabled with custom protocols directly in the company's own infrastructure.
Often a company doesn't have the capacity or doesn't have the technical staff to ensure and maintain the necessary level of security. In this case the company's infrastructure is migrated to servers under strict control and management, ensuring high standards of security. Of course, every structural change must be reviewed by the control team. This service fully integrates Monitoring.
Security Operation Center is a management center for enterprise security. It can be created within the company or managed externally. It should be designed according to the needs and operations of the company itself. It provides services for analysis, control, monitoring, assistance, defense and mitigation of attacks. To describe it simplistically, a business unit is created that is completely dedicated to 360-degree security.
Each penetration service must be repeated over time on a cadence necessary to cover the business update processes. This necessity is given by the change of the internal infrastructures, by the discovery of new public and not public holes, by the administrative and managerial changes of the company. This service is integrated in Secure Hosting.
Process of mitigating and correcting software and/or hardware flaws. It is performed directly on the infrastructure or is coordinated with internal company technical staff. It is the process naturally consecutive to each report generated by Penetration Tests. It consists in the application of definitive or temporary workarounds to the affected areas, using versioning systems of the executed modifications.
© 2022 ENIGMA GROUP