Penetration Testing

Penetration testing determines how well your organization's security policies protect your assets by trying to gain access to your network and information assets in the same way a hacker would. Tests can range from an overview of the security environment to attempted "hacking" with the intent of obtaining investigative information. The SecureWorks penetration test will reveal:

  • How difficult it is to obtain data from outside of the network
  • Which information is at risk
  • What measures should be implemented to protect your assets

Penetration testing subjects a system to real-world attacks and identifies the extent to which a system can be compromised before an actual determined attack. This allows you to know where enhanced security is needed or to be confident in your current security program. Only a real penetration test can simulate what would happen if a determined hacker were to attack your organization.

Penetration Testing By Industry Leaders

Since SecureWorks monitors and protects thousands of corporate networks—including many in financial services, healthcare, retail and utilities—we have deep expertise in the attacks and exploits used against mission critical assets. In fact, our database contains over one billion attacks against our clients that we've prevented. This knowledge is utilized during network penetration testing, which allows us to know what attacks are most commonly used against organizations like yours for more focused, cost-effective penetration testing.

The Penetration Test Process

Discovery

SecureWorks will perform thorough searches of the various WHOIS databases, scan tools, etc., to obtain as much information as possible about the target organization. These searches often reveal many more Internet connections than the organizations expect. We can also leverage information disclosed on the Web about the organization, its employees and its systems that can be used for Internet-based attacks or social engineering tactics (if in scope). Many organizations are amazed by how willing their employees are to divulge information that is useful to an attacker.

Enumeration

Once specific domain names, networks and systems have been identified through discovery, the penetration tester will gain as much information as possible about each one. The key difference between penetration testing discovery and enumeration is the level of intrusiveness. Enumeration involves actively trying to obtain user names, network share information and application version information of running services, limited only by agreed-upon rules of engagement and scope.

Vulnerability Mapping

Vulnerability mapping, one of the most important phases of penetration testing, occurs when security practitioners map the profile of the environment to publicly known, or in some cases, unknown vulnerabilities. SecureWorks has a dedicated Counter Threat Unit applied security research group, which is constantly combing the “blackhat” community for new and emerging vulnerabilities. Leveraging the CTU’s research, our consultants understand the very latest attacker techniques and how they are used to exploit security weaknesses.

Exploitation

The exploitation phase begins once the target system's vulnerabilities are mapped. The penetration tester will attempt to gain privileged access to a target system by exploiting the identified vulnerabilities. The key to this phase is manual testing. No automated tool can duplicate the testing of an experienced penetration tester who is skilled in the art.

Report

SecureWorks works with you to develop a report that will provide clear findings and a prioritized matrix of actions and work efforts. SecureWorks will provide a preliminary draft report to the technical point of contact for the purposes of review and clarification followed by a final report at the conclusion of penetration testing. The report will include:

  • Executive Summary (jargon free, true executive level summary)
  • Methodologies and scope, and summary of evaluations
  • Research: IRC, USENET, Websites, etc.
  • Priority Matrix, indicating remediation priorities, and risk
  • Work Matrix, indicating estimates of work efforts required for remediation
  • Findings and recommendations sufficient for risk management and remediation planning

Post Penetration Testing Support

SecureWorks is available for up to one year after network penetration testing to provide additional support for findings and recommendations, or any remediation efforts.

Complementary Services

Assurance Testing

Information security is an integrated process that reduces information risk to acceptable levels based on an assessment of risks. Because penetration tests only measure the security posture at a point in time, increased testing frequency provides increased assurances that certain control processes that are in place are still functioning.

Social Engineering Testing

Social engineering tests your “human firewall”. This is a method of gaining access to an organization and its assets by tricking key personnel over a communications medium such as telephone, email, chat, bulletin boards, etc., from a fraudulent "privileged" position. If your staff has received the training to defend itself, this test will enhance their effectiveness.

Modem Testing (WAR Dialing)

This is a method of enumerating modems and gaining access privileges to the modem-enabled systems of a target organization.

 
