Advance Presistance Firewall

Introduction

Vulnerability and Penetration Test is fast catching up with the global enterprises given the merits that come bundled with these two significant tests that will make the improve the security and seals the scope for vulnerabilities. Referred to as VAPT, it provides a holistic view of the threats that a given enterprise face. Flaws in encryption and authentication are of the reasons as to why VAPT should never be ignored. Recent surveys revealed that WPA2—a protocol that protects WiFi—could be easily compromised. Once the threats are discovered, it would be easy to fix them, which is possible only by an efficient VAPT provider like Cloud4C. Cloud4C Vulnerability Assessment and Penetration Test Service is designed to provide a comprehensive, Web-driven Vulnerability Assessment program that provides visibility into potential exposure areas within a distributed network environment.

Get in touch now

What is VA-PT?

Vulnerability assessment is a process of identifying and quantifying Vulnerability system. A vulnerability assessment is what most companies generally do, as the systems they are testing are live production systems and can’t afford to be disrupted by active exploits which might crash the system.

A form of stress testing, which exposes weaknesses and flaws in a computer system
Art of finding an open door
A valued assurance assessment tool
PT can be used to find flaws in the Specification, Architecture, Implementation, Software, and Hardware

Vulnerability Assessment and Penetration Testing

CIS Compliance and Hardening assessment

As an operating system can have hundreds of configuration setting, hardening and assessing each single image can be a tedious task. We help enterprises in enabling CIS hardening by preconfiguring them to meet the CIS compliances.

Network Vulnerability assessment (External & Internal)

An approach that will analyze and ascertain the possible vulnerabilities in the network—both internal and external.

Network Penetration Testing Services (External) Black box

This will help enterprises to examine the Security poster of applications, hosts, network from the Outside the organization, in short provide glass view weakness exposed to Internet.

Network Penetration Testing Services (internal) White box

This will help enterprises to examine the Security poster of applications, Hosts, Network from the inside the organization, in short provide glass view of weakness, vulnerability exposed to Insider or trusted employees.

Web-application Assessment services

Helps in assessing the vulnerabilities and escalate the threats to the administrator to take necessary action or fix the issues.

Mobile Application Penetration Testing Services

Helpful for providing military grade security to applications that are run on mobile phones and similar devices.

Red Team Attack Stimulation

Red team is a white-hat/ ethical hacker who attacks the organization with an consent and with an intention to check the efficiency of the defenses/security controls of the enterprise.

CIS Compliance and Hardening assessment

As an operating system can have hundreds of configuration setting, hardening and assessing each single image can be a tedious task. We help enterprises in enabling CIS hardening by preconfiguring them to meet the CIS compliances.
Network Vulnerability assessment (External & Internal)

An approach that will analyze and ascertain the possible vulnerabilities in the network—both internal and external.
Network Penetration Testing Services (External) Black box

This will help enterprises to examine the Security poster of applications, hosts, network from the Outside the organization, in short provide glass view weakness exposed to Internet.
Network Penetration Testing Services (internal) White box

This will help enterprises to examine the Security poster of applications, Hosts, Network from the inside the organization, in short provide glass view of weakness, vulnerability exposed to Insider or trusted employees.
Web-application Assessment services

Helps in assessing the vulnerabilities and escalate the threats to the administrator to take necessary action or fix the issues.
Mobile Application Penetration Testing Services

Helpful for providing military grade security to applications that are run on mobile phones and similar devices.
Red Team Attack Stimulation

Red team is a white-hat/ ethical hacker who attacks the organization with an consent and with an intention to check the efficiency of the defenses/security controls of the enterprise.

Testing Approach for Cloud4C

Black Box Testing

Tester need to acquire the knowledge and penetrate
Acquire knowledge using tools or social engineering techniques
Publicly available information may be given to the penetration tester

Benefits

Black box testing is intended to closely replicate the attack made by an outsider without any information of the system. This kind of testing will give an insight of the robustness of the security when under attack by script kiddies. It is also known as “Zero-Knowledge” testing

White Box Testing

White box testing is known as “Complete Knowledge” testing

Testers are given full information about the target system they are supposed to attack. Information Include
Technology overviews
Data flow & Network diagrams
Code snippets & more

Benefits

Reveals more vulnerabilities and may be faster Compared to replicate an attack from a criminal hacker that knows the company infrastructure very well. This hacker may be an employee of the company itself, doing an internal attack.

Gray Box Testing

The tester simulates an inside Employee. The tester is given an account on the internal network and standard access to the network. This test assesses internal threats from employees within the company The relative merits of all these approaches are debatable

In most cases it is preferable to assume a worst-case scenario and provide the testers with as much information as they require, assuming that any determined attacker would already have acquired this.

Methodology for VA-PT by Cloud4C

Scope/Goal Definition

Which attacker profile the tester will use
- Hacker with no knowledge or knowledge about the target
- Internet user with access
Which System or network the test will be conducted
Duration of Test

Information Gathering

Information about the target
- Who is: ARIN ; RIPE ; APNIC
- Google: General Information; Financial, Phone Book, Google Hacking Databases; Web Searching
- DNS Retrieval, SOA Record, MX Records, NS Records, A Records etc.
- Tools / Websites: Cheops-ng, Sam Spade
- Social Engineering
- Dumpster Diving
- Web Site Copy

Vulnerability Detection

Manual Detection
- Manually probe the target host from common misconfiguration or flaws because a vulnerability scanner can fail to identify certain vulnerabilities.
- Open TCP Ports
- Closed TCP Ports
- Open UDP Ports
- Closed UDP Ports
- Service Probing

Information Analysis and Planning

Collocation the information gathered in previous stages
Preparation of high level attack planning
- Overall Approach
- Target Approach

Scope/Goal Definition
- Which attacker profile the tester will use
  - Hacker with no knowledge or knowledge about the target
  - internet user with access
- Which System or network the test will be conducted
- Duration of Test
Information Gathering
- Information about the target
  - Who is: ARIN ; RIPE ; APNIC
  - Google: General Information; Financial, Phone Book, Google Hacking Databases; Web Searching
  - DNS Retrieval, SOA Record, MX Records, NS Records, A Records etc.
  - Tools / Websites: Cheops-ng, Sam Spade
  - Social Engineering
  - Dumpster Diving
  - Web Site Copy
Vulnerability Detection
- Manual Detection
  - Manually probe the target host from common misconfiguration or flaws because a vulnerability scanner can fail to identify certain vulnerabilities.
  - Open TCP Ports
  - Closed TCP Ports
  - Open UDP Ports
  - Closed UDP Ports
  - Service Probing
Information Analysis and Planning
- Collocation the information gathered in previous stages
- Preparation of high level attack planning
  - Overall Approach
  - Target Approach
Penetration & Privilege Escalation
- Attack & Penetration
  - Known/available exploit selection – Tester acquires publicly available s/w for exploiting.
  - Exploit customization – Customize exploits s/w program to work as desired.
  - Exploit development – Develop own exploit if no exploit program available
  - Exploit testing – Exploit must be tested before formal Test to avoid damage
  - Attack – Use of exploit to gain unauthorized access to target
- Privilege Escalation
  - What can be done with acquired access /Privilege
  - Alter
  - Damage
Result Analysis & Reporting
- Organize data/related results for management reporting
  - Consolidation of information gathered
  - Analysis and Extraction of general conclusions.
  - Recommendations
Clean up
- Cleaning up of all that has been doneduring testing
  - Any system alterations
  - Exploits

Penetration & Privilege Escalation

Attack & Penetration
- Known/available exploit selection – Tester acquires publicly available s/w for exploiting.
- Exploit customization – Customize exploits s/w program to work as desired.
- Exploit development – Develop own exploit if no exploit program available
- Exploit testing – Exploit must be tested before formal Test to avoid damage
- Attack – Use of exploit to gain unauthorized access to target
Privilege Escalation
- What can be done with acquired access /Privilege
- Alter
- Damage

Result Analysis & Reporting

Organize data/related results for management reporting
- Consolidation of information gathered
- Analysis and Extraction of general conclusions.
- Recommendations