Network Vulnerability Assessment

Over the last few years, organizations have been adding functionality to their existing applications in an effort to provide more convenience and better service to their customers, partners and employees. These continual changes to your IT infrastructure create new gaps and introduce unacceptable levels of business risk by increasing the risk of compromise to your existing critical data and information systems. With the advent of sophisticated, automated exploitation tools and “point-and-click” hacking, anyone with a network connection is potentially vulnerable to attack. The consequences of a malicious attack could be fatal for your organization, leading to financial losses, damage to reputation, business risk exposure (downtime, media attention, effort, etc.), legal issues, and loss of the internet presence of a service (causing business disruption).

Managing vulnerabilities requires a well thought-out process that aligns to business needs and provides a solid framework for the IT department. The goal of Vulnerability Management is to have a system that reduces the time and money invested in dealing with vulnerabilities and reduces the risk of vulnerability exposure. The network vulnerability assessment is the most important step in the vulnerability management process. It entails checking all operating systems, hardware vulnerabilities, network vulnerabilities, system misconfigurations, and policy infractions.

How Indusface Helps You with Vulnerability Assessments

A network vulnerability assessment is only as good as the comprehensiveness and accuracy of the scan. Indusface maintains unrivaled vulnerability coverage and scan accuracy, and its analysts conduct independent vulnerability research and constantly monitor industry-standard vulnerability lists such as CVE, CERT, and the SANS Top 20. These analysts maintain the extensive vulnerability database, which covers servers and workstations using Windows and UNIX-based operating systems, network infrastructure devices such as routers and switches, and databases, web servers, email servers, and other network services and applications. Our analysts can scan all of your IT assets against this up-to-date database, deeply examining an entire network infrastructure by probing for complex weaknesses that could lead to an intrusion. By leveraging artificial intelligence, our solutions can virtually eliminate false positives by verifying the true existence of the vulnerability rather than relying on the simple version check that is performed by most other vulnerability scanners.

Indusface follows a standardized approach based on internationally accepted OSSTMM best practice for vulnerability assessment and penetration testing:

Scope definition

  • Which attacker profile the tester will use
      • Hacker with no knowledge about the target
      • Hacker with knowledge about the target
      • Internal user with access
  • Which systems or networks the test will be conducted for
  • Duration of the test

Information gathering

  • Whois
  • Google
  • DNS Retrieval SOA Records
  • Tools/Websites
  • Social Engineering
  • Dumpster Diving
  • Web Site copy
  • Vulnerability Detection
      • Using manual and tool-based techniques to identify vulnerabilities. Tools consist of a combination of commercial as well as open source

Information analysis and planning

  • Collating the information gathered in previous stages
  • Preparation of High level attack planning
  • Overall Approach
  • Target identification

Attack and Penetration/Privilege escalation

  • Attack and penetration
  • Known/available exploit selection
      • Tester acquires publicly available software for exploiting
  • Exploit customization
      • Customize exploit software program to work as desired
  • Exploit development
      • Develop own exploit if no exploit program is available
  • Exploit testing
      • Exploit must be tested before the formal test to avoid damage
  • Attack
      • Use of exploit to gain unauthorized access to target
  • Privilege Escalation
      • What can be done with acquired access/privileges

Result analysis and reporting

  • Organize Data/related results for Management Reporting
  • Analysis and Extraction of General conclusions
  • Consolidation of Information gathered
  • Recommendations

Clean Up

  • Cleaning of all that has been done during the testing
      • Any System alterations
      • Exploits