GlobeTech LLC is certified to conduct Vulnerability Assessments and Penetration Tests., and can provide Small to Mid-Size business with these services on a regular basis.
What do these services entail
Penetration Testing services include two main areas of assessment. Internal and External assessments gauge the overall health of your cyber security maturity. In addition to that, a WiFi security assessment is performed.
- Discovery and Reconnaissance of externally facing assets to test for any flaws that will aid an attacker
- Reporting on the attack surface and any potential issues
- Scraping data from public sources to determine information that might be useful to an attacker, like public assets, potential usernames, or even breached passwords
- Mitigation suggestions where necessary
- Internal scans to discover vulnerable assets that an attacker will leverage
- Active Directory assessments to discover common vulnerable scenarios
- Proof of Concept attacks that show actual paths that will give an attacker more access
- Full “Kill-Chain” breach simulations to highlight the significance and impact of the assessment
With Penetration Testing services, GlobeTech LLC will also evaluate the wireless networks available within your business. These networks will be scanned and sniffed to intercept the encrypted communications. GlobeTech LLC will make attempts to break this encryption using industry standard tools. More than that, each assessment is heavily customized and targeted specifically for your company.
Reporting and Vulnerabilities Discussion
Up to 50% of a penetration test project is reserved for the reporting and presentation of any issues that are found. The reporting and follow up discussion are the most important part of the assessment. This is what provides value to your business. Each reported vulnerable system or scenario is highlighted with a severity score, general attack narrative or description, Proof of Concept code or commands, and mitigation recommendations.
This report becomes the focal point for a discussion after the engagement is completed. Each item is discussed and reviewed until the exploitation process is understood and mitigation options have been discussed. GlobeTech LLC will make recommendations, the business ultimately decides what the right option is for them, so together we’ll spend time determining the actions that are right for you.
How is the test performed
External scans are reviewed from any standard public IP address, the same way an attacker would connect to and review your public facing assets.
Internally, we plant an attacking machine (laptop, desktop) onto the network. This assumes some form of physical compromise of your network. For example, a user clicked the link and gave out their passwords, or executed the malware, plugged in the USB drive, or somebody connected to your network in a public conference room, or attacked your WiFi, etc.
By “assuming” compromise, we can immediately begin to ID flaws within the network. Scans are performed, and as systems are identified we can begin the exploitation process. The MITRE framework is referenced throughout the report to help identify different areas within the attacking Kill Chain.
The goal of a penetration tester is often to elevate privileges within your network, attempt to gain complete control, often by achieving a Domain Admin level of access. The goal within your business might be more tightly defined to specific customer records, intellectual property, or even specific systems.
For more information, feel free to fill out the contact form where GlobeTech LLC can respond and schedule a discovery call.