Penetration Testing
Our experts will help you understand how effective your cyber security strategy is in four key areas via penetration, network, cloud and application testing.
What Is Penetration Testing?
Penetration testing is a process that evaluates the security of your IT infrastructure. At CyberWhite we use progressive technical security tools that simulate hacking techniques. This enables us to assess the vulnerabilities across your systems and networks.
Testing can expose vulnerabilities in operating systems and services, as well as application flaws, improper configurations and even operator behaviour. What’s more, these assessments are helpful in validating the effectiveness of defensive mechanisms and end-user adherence to security policies.
What Is Involved In A Typical Penetration Test?
Penetration tests are typically performed using a combination of manual and automated technologies to systematically compromise servers, endpoints, web applications, wireless networks, network devices and other potential points of exposure.
Once vulnerabilities have been successfully exploited, we then push to find subsequent exposures in further internal resources, trying to incrementally achieve higher levels of security clearance and deeper access to electronic assets and information through privilege escalation.
We use a structured approach to penetration testing which is based on the Open Source Security Testing Methodology Manual (OSSTMM) and the Open Web Application Security Project (OWASP) Testing Guide.
Why Do You Need A Penetration Test?
Performing penetration tests means you receive independent verification and assurance that you are secure whilst also allowing you to identify business risks. Once identified, you can then understand the potential impact should a breach occur.
Undertaking a penetration test will also assess the effectiveness of your existing defences and improve your security posture through a detailed understanding of where any gaps may exist.
Ultimately, a penetration test allows you to proactively identify vulnerabilities that could cause damage and disruption to your network and business operations.
Our tests are conducted from the perspective of an external, malicious black hat hacker.
We follow a defined process as below:
To gather intelligence about your network environment and identify all in-scope assets/systems belonging to your organisation.
To discover services and applications, and map externally visible services to their associated vulnerabilities.
To attack and compromise targets within scope.
To extract sensitive data belonging to your company, such as personal information, source code, internal methods/procedures, credit card numbers, etc., and thus demonstrate the impact of a real attack.
We provide a detailed report of all areas tested within the scope, any vulnerabilities identified and remediation advice and support to fix the issues.
Note: Our penetration tests begin only after you have given us explicit and signed authorisation. This will be an integral part of our Statement of Work document.
What Type Of Testing Can We Perform?
During an external test, CyberWhite consultants employ the same tools, methods and tactics used by cyber criminals to breach the public-facing IT systems and network of your organisation.
We will review your presence on the Internet and your susceptibility to being compromised.
During the test, we will also determine whether your servers have the latest security updates installed and if they have any misconfigurations that could be taken advantage of by an attacker. Access to administrative interfaces, webmail and remote access portals will also be attempted by guessing passwords and testing those collected from recent data breaches.
The goal is to identify your vulnerabilities ahead of time and provide remediation advice before a real compromise occurs. During an external penetration test, we attempt to gain access to as many of your systems as possible from the outside.
External tests typically take place annually.
During an internal test, CyberWhite consultants simulate the “insider threat” (e.g. a disgruntled employee or business partner) by employing the same tools, methods and tactics used by individuals to breach the internal network and IT systems of your organisation.
To achieve this, our consultants are typically given a connection to the corporate network without any additional knowledge of the environment.
The goal is to identify your internal vulnerabilities ahead of time and advise you on how to fix them. During an internal test, we attempt to gain access to as many of your critical internal systems as possible.
Depending upon the size of your organisation, the type of data held and the organisation's risk appetite, internal testing should be carried out at least every six months.
During mobile application testing, the CyberWhite consultants analyse the security perimeters within a mobile environment to gain insights into the source code’s vulnerabilities, bottlenecks, and attack vectors before an attack happens.
The goal of the mobile application test is to assess both the mobile application itself and the APIs that manage the data communication with the application.
Mobile applications should be tested at least annually, and in any event, prior to each major update release or significant integration change.
During our phishing campaign, the CyberWhite team attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising ourselves as a trustworthy entity in an electronic communication.
The goal of a phishing campaign is to educate users about the dangers of these types of attacks. An email will be sent to staff which entices them into entering their corporate username and password. Once captured, statistics are collated and a report is generated for the management team.
We recommend the phishing process occur multiple times over the course of a year. A continual cycle of planning, education, assessment, measurement and reinforcement is recognised by the industry as the most effective way to increase awareness.
During a physical access test, a CyberWhite consultant will attempt to bypass physical security controls to gain unauthorised access to your offices, buildings, and other locations within scope, to evaluate the effectiveness of your physical security controls and employee awareness.
The goal of physical penetration testing is to uncover vulnerabilities in physical security controls and advise you on how to fix them, before malicious third parties exploit them.
Physical access is usually tested annually, shortly after your annual security awareness training.
This type of test should also be considered if you move premises or change access protocols.
A code review is probably the single most effective technique for identifying security flaws. This type of test is an effective method of identifying insecure development patterns, logic flaws, and other subtle vulnerabilities that can be missed during application penetration testing. Members of the CyberWhite code review team are experienced in auditing all modern application development languages and frameworks across a wide variety of platforms.
Using both automated and manual review methods to ensure comprehensive coverage, our team can conduct a review of the entire code base or a targeted review that focusses only on security-relevant areas such as authentication and authorisation, exposed interfaces and the handling of user-supplied data.
The goal of a code review is to ensure that your applications perform as expected without introducing security vulnerabilities.
Code reviews should be carried out at least annually, and in any event, prior to each major update release.
During a web application test, the CyberWhite team will attack your applications from a black box perspective (functionality), focusing on evaluating the embedded security.
The goal is to identify vulnerabilities in your applications and provide remediation advice to prevent compromise.
Web applications should be tested at least annually, and in any event, prior to each major update release.
During a wireless test, the CyberWhite team will review the wireless network configuration and attempt to bypass or circumvent any authentication requirements on the wireless access points. Testing can include checking for pre-authentication attacks such as captive authentication portal vulnerabilities; DNS information leakage; and DNS tunnelling. We will simulate hacker attempts to attack and exploit your wireless access points.
The goal is to identify vulnerabilities in your wireless access points that could enable an outsider to gain access to your internal network, and ultimately, to sensitive business information.
Wireless tests should be carried out annually.
Reporting and Remediation Support
Who Would Want To Attack Me?
Malicious outsiders: competitors, hacktivists, nation-states, or organised cyber criminals
Insiders: employees or ex-employees
Customers: Customers can knowingly or unknowingly attack you through their compromised IT systems if they have been subjected to a successful attack themselves.
Vendors or business partners: As with customers, this may be knowingly or unknowingly through their compromised IT systems if they have been subjected to a successful attack themselves.