Vulnerability Assessment

A vulnerability assessment is the process of identifying, quantifying and prioritizing the vulnerabilities in an IT infrastructure.
Assessments are typically performed according to the following steps:

 

  1. Cataloguing assets and resources in a system.
  2. Assigning a value and importance to those resources.
  3. Identifying the vulnerabilities or potential threats to each resource.
  4. Mitigating or eliminating the most serious vulnerabilities for the most valuable resources.

 

A vulnerability assessment follows a similar approach to a pentest, but it leaves out the exploitation part:

 

  • Pre-engagement interactions
  • Intelligence gathering
  • Threat modelling
  • Vulnerability analysis
  • Reporting

 

The objective of these assessments is to find as many vulnerabilities as possible, whereas with a pentest we look for enough vulnerabilities to allow us to breach the security perimeter.

 

 

Quickscans

For businesses with smaller security budgets we offer a 'Quickscan' service. Over one or two days we test part of your IT perimeter, making sure that it is protected against the most common vulnerabilities. It is a cost-effective way to catch the low-hanging fruit and close doors that even less skilled hackers could exploit. The pre-engagement and reporting steps of a Quickscan project are truncated to allow maximum value for little time spent.

Penetration Testing

A penetration test (or "pentest") is a simulated attack on an IT infrastructure (computers, network devices, applications) with the intention of finding security weaknesses that could give access to the system and the data it contains. The difference from a vulnerability assessment is that the pentester will exploit a discovered vulnerability to penetrate a system's defences.

 

Pentesters and hackers differ only by permission and intent. Pentesters have contractual permission from the owners of the infrastructure to test for security weaknesses, and their intent is to report. Hackers operate illegally, and they can misuse the information they obtain. But both use the same tools and techniques.

 

The project scope typically defines the elements to be tested, establishes an engagement time period, defines the methods and tools to be used, defines the pentesting objectives, defines procedures for handling the customer data, and establishes reporting requirements.
 

Standard elements for testing in a scope are:

 

  • Websites 
  • Networks (a DMZ, a LAN) 
  • Wi-Fi 
  • Critical services (DNS, Email, remote access) 
  • People (Social Engineering)
  • Physical Access

 

A pentest can be performed in three different contexts. A "Black Box" test is a test with very little or no knowledge of the target element, similar to the starting point of an outside hacker. A "White Box" test is performed with full disclosure about the target element (IP addresses, source code, network diagrams, ...). Finally, a "Grey Box" test is somewhere between White Box and Black Box, with partial knowledge of the target element. This mimics the capabilities of an inside hacker.
The main difference between these contexts is the time involved.
 

A clear scope will help to estimate the time required to perform the pentest and will help to keep the costs under control. A typical pentest contains the following steps:

 

  • Pre-engagement interactions
  • Intelligence gathering
  • Threat modelling
  • Vulnerability analysis
  • Exploitation
  • Post-exploitation
  • Reporting

 

The report is a key deliverable in the project. It will give you a clear view of the problems and a way to address them.
 

The project is closed out with a meeting to discuss the findings.