VULNERABILITY MANAGEMENT

Vulnerability Assessment


95% of all damaging cyber-attacks are the result of exploiting well-known vulnerabilities. As your dependence on technology increases and you introduce additional electronic systems and software to support your operations, the rate of discovering and exploiting software vulnerabilities will continue to rise.
In today’s complex threat environment of malware, spyware, disgruntled employees and aggressive international hackers, developing and enforcing a strict and regular network security policy that incorporates ongoing vulnerability assessment is critical to maintaining business continuity. However, the process of vulnerability assessment and remediation sometimes is overlooked as a critical component of sound security practices.
Due to the changing nature of the security landscape and business requirements, new threats are putting organizations and their data at risk. By not taking steps to recognize and eliminate vulnerabilities, organizations, their systems and applications are potentially susceptible to exploitation, on a recurring basis.

GreenSentries Vulnerability Assessment services are a periodic managed service that identifies hidden vulnerabilities in our customer environments and provides steps to remediate them. Our Vulnerability Assessment and Penetration Testing services can also be provided to customers on demand

Penetration testing


Protecting your organization against internal and external security threats is an on-going and demanding task. Security risks continue to grow in variety and complexity, and cyber criminals are developing even more sophisticated system penetration techniques. GreenSentries understands the need to be agile, introduce new systems, technologies and ways of working to be competitive and improve efficiency.

Defining scope is arguably one of the most important components of a penetration test, yet it is also one of the most overlooked. The scope of a project specifically defines what is to be tested. The GreenSentries Penetration Testing Team understand the difference between a test which focuses on a single application with severe intensity and a test where the client provides a wide range of IP addresses to test and the goal is to simply find a way in.

Our Vulnerability Assessment and Penetration Testing services at regular intervals, helps our clients to stay one step ahead of potential attackers, enabling their IT systems, IoT, ICS, IIoT nodes to grow with their business, without lowering the defenses of the enterprise.

The Network Penetration Test consists of the following components:

  • Router Testing
  • Firewall Testing
  • IDS Testing
  • Denial of Service Testing (DOS)
  • Database Testing
  • Web Application Testing
  • Perimeter System Testing
  • Password Cracking
  • Wireless Network Testing

Network Infrastructure Reconnaissance

A network reconnaissance is an introduction to the systems to be tested. This step has several activities such as data collection, information gathering, and policy control. More hosts are often detected during the actual testing. Such new hosts may be inserted in the testing as a subset of the defined testing. Expected Results of this activity are:

  • Port scanning
  • OS/service fingerprinting
  • Internet Reconnaissance
  • Online database search
  • IP and Network Reconnaissance
  • Registrar and WHOIS Searches
  • Network Registrar Searches (ARIN)
  • DNS Reconnaissance
  • Possible test limitations

Network Infrastructure Penetration Testing

Vulnerabilities does not occur just in the systems but also in the network communication links. During this activity, communication links and the vulnerable protocols are tested and potential security threats are identified. It can capture traffic in transit like emails, plaintext passwords, files etc.

Expected Results of this activity are:

  • Identification of clear text communication paths in the network
  • Usernames, passwords that may be intercepted by attackers
  • Confidential files on transit
  • Confidential Emails on transit

Network Infrastructure Penetration testing

Exploitation

The exploitation process involves using programs that can improve the proof of concept code to be able to alter the normal flow of the target application to provide certain privilege to the attacker which under normal circumstances should not have been provided.

The Exploit Program are broken down into components below:

  • Network Component
  • Buffer Creation Component
  • Payload Component

The Network Component consists of libraries implementing the networking protocol through which the attack is launched. The most import part of an exploit program is the buffer creation component in which an attacker prepares a malformed request for triggering the vulnerability in the target application. This part takes a lot of analytical and debugging skills on the part of the attacker. The Payload component involves choosing the appropriate code that when executed under the scope of the exploited application will give the desired privilege to the attacker. Once a working exploit is developed that is being able to execute code on the local test setup, the exploit program is improved further to use universal return/overwrite addresses so that the exploit works irrespective of Operating System version and Service Packs.

Web Application Testing


The primary objective for a web application penetration test is to identify exploitable vulnerabilities in applications before hackers are able to discover and exploit them. Web application penetration testing will reveal real-world opportunities for hackers to be able to compromise applications in such a way that allows unauthorized access to sensitive data or even take-over systems for malicious/non-business purposes. This type of assessment is an attack simulation carried out by GreenSentries Penetration Testing Team in an effort to:

  • Identify application security flaws present in the environment
  • Understand the level of risk for your organization
  • Help address and fix identified application flaws

As a result of our penetration tests, you’ll be able to view your applications through the eyes of a hacker to discover where you can improve your security posture. GreenSentries Penetration Testing Team produce findings in written reports and provide your team with the guidance necessary to effectively remediate any issues we uncover.

Mobile Application Penetration Testing


In the evolving world of technology, mobile applications are becoming more dominant than ever, this evolution has created a full range of new attacks that were not relevant in the classic web application world.

GreenSentries Penetration Testing Team labs use the most advanced technologies to test mobile applications and analyze the security stature of the application. We have dedicated environments for testing both iOS and Android applications. These dedicated environments allow us to test and analyze the application optimally, on its real environment/device.

During the testing, we simulate a multitude of attacks, both general application attacks and mobile dedicated attacks. The testing simulates a real hacker and what he can do to penetrate the application and retrieve confidential data.

IOT and ICS Penetration Testing


GreenSentries Internet of Things security and Industrial Control Systems testing takes a holistic approach to security testing by reviewing the entire product ecosystem from chip to code. Our security evaluations mitigate cyber risks in connected devices, helping enterprises to build in security from the outset and gain a competitive advantage in market which is experiencing both exponential growth and increased consumer concern about cyber-security.

IOT & ICS security testing becomes critical as Internet of Things becomes a reality today. It is obvious that IOT & ICS will have a strong, positive impact on making our lives easier which makes the organizations to pay a lot more attention to security, risk, designing, and the basic architecture of their products in just two to three years. The Internet of Things and Industrial Control Systems will be a major avenue for hackers for the simple reason that everything is going to be connected.

Additionally, enterprises throughout the world are also rapidly migrating, developing, or rolling out newer IOT-enabled products into the market which creates security awareness for organization.

Benefits:

  • Validating privacy of data, reliability of IOT/ICS app, Verification, Availability and Authorization
  • Validating if the IOT/ICS app uses any weak password or missing data encryption.
  • Ensuring apps follows network security-standards and authentication mechanism to authenticate of the required app.
  • Reviewing cryptographic protection on applications and/or delivery mechanisms
  • Reviewing application binary or packages for embedded passwords, keys, certificates
  • Reviewing log handling, insecure storage, and caching/temp file issues

Secure Code Review


A software security code review identifies and remediates coding errors before they turn into a security risk. If conducted properly, it can do more to secure your software applications than nearly any other activity. Tools can identify possible issues in large amounts of code, but only an expert reviewer who understands code logic can determine if a flaw is exploitable and what the likelihood and impact of an attack would be.

GreenSentries recommends the use of code review as a part of our application assessment approach. Our use of code review makes our assessments more comprehensive and more accurate than any other approach. The use of code review also makes reviews more cost-effective.

GreenSentries uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing, our approach is more cost-effective and accurate than any other approach. We tailor scanning tools in order to get a high-quality scan, and then carefully diagnose, consolidate, and verify all of the automatically generated data.

Security Architecture review


Network Security Architecture Review
Network Security Architecture Review is a systematic examination of the all the layers of an Organization’s network. GreenSentries Penetration Testing Team will examine the existing network topology and deployment of the security controls within the organization like firewalls, IDS/IPS, network segmentation and offer recommendations to increase the effectiveness of the security controls.

Web Application Security Architecture Review

An appropriate architecture and design are needed to build a secure web application. The design and architecture review process focuses mainly on the security perspective. An architecture and design review helps you validate the security-related design features of your application before you start the development phase. This allows you to identify and fix potential vulnerabilities before they can be exploited and before the fix requires a substantial re-engineering effort.

Current State assessments


Current State Assessment (CSA) is the next generation security assessment service from GreenSentries. Traditional security testing services like Vulnerability Assessment and Penetration testing focuses only on the application or infrastructure components alone.

The purpose of the CSA Service is to analyse a Customer’s environment end to end and provide higher visibility into their existing security posture across a wide field of view. This is a broad security assessment for those organisations that need a macro view of their environment to ensure all of the industry recommended security best practices are implemented, vulnerabilities are fixed, security controls are in alignment with the Information Security Policy and Compliance standards, Threat monitoring is effective, Policies and Standards are well developed and maintained, Access control and Content Filtering is effective, Risk Register is properly maintained, Logging and Auditing is proper, Incident Response measures are well developed and implemented, Patch Management is up to date , Security Architecture is flawless and End Point and Network Security Controls are properly implemented.

This assessment will be followed with a thorough penetration testing of the client IT, IoT (Internet of Things), IIoT (Industrial Internet of Things) and ICS (Industrial Control Systems) network infrastructure and applications.

Our experienced and skilled Penetration Testing team at GreenSentries have developed a unique framework for the vulnerability assessment and penetration testing service of corporate IoT, IoT and ICS networks.

The data derived from CSA will lead to the presentation of a Findings Report outlining any key observations of general security risk, threats, vulnerabilities and recommendations to remediate the identified issues. These recommendations are a combination of tools, industry best practices, and professional services suitable to the Customer environment. Implementation of a solution or remediation of any identified issues will be available as a separate service if requested by Customer.

A pre-engagement questionnaire will be shared with the customer initially to properly understand the scope of the service.