Penetration testing, or pen testing, is an ethical attack, approved by you, on your business. Agilient identifies ways that hackers will get in, what damage they can cause and how much it may cost you. Agilient penetration testing subjects your network and applications to real-world cyber-attack scenarios to give a complete understanding of your vulnerabilities. A comprehensive test is performed utilising specific testing methodologies for areas ranging from web services such as SOAP and WSDL to specific application frameworks.
Agilient offers penetration testing for:
- Internet sites and applications – Agilient conducts an active analysis of an application for any weaknesses, technical flaws or vulnerabilities. Leveraging both the OWASP and WASC initiatives, the testing methodology is used to review custom application code and identify coding vulnerabilities.
- Wireless networks – Agilient performs a thorough test of the wireless network, identifying any weaknesses that may be available to unauthorised users and guests. It is important that both corporate and guest wireless networks have been configured securely to avoid unauthorised access and eavesdropping.
- Corporate networks – The corporate network infrastructure penetration test utilises the strengths of both the OWASP and OSSTMM methodologies to ensure the most complete approach to testing. This helps organisations identify critical flaws that may allow unauthorised access to data and systems.
In conducting penetration tests, Agilient generally uses the following methodology:
- Kick-off – The starting point for the penetration testing is a kick-off meeting to scope the project. Proper scoping is the most important component of the planning and preparation step, in addition to setting up the right levels of access control and ensuring that systems are ready for testing, e.g. by taking data backups. Agreement on the timing and duration of penetration testing is essential, as are agreements on the focus points for test activities and on how testers should proceed if they succeed in a penetration attempt. We will also discuss and agree on any peculiarities of performing testing on live systems.
- Reconnaissance – To begin the actual penetration test, Agilient will use network survey methods and port scanning for reconnaissance purposes to gather as much useful information as possible. The goal is to identify the systems in scope and confirm they are actually reachable. Agilient testers will use several tools such as Nmap to collect domain names, server names, internet service provider (ISP) information, host IP addresses, routing protocols, etc. This information will be used to draw up a network map.
- Vulnerability test – In this step, Agilient experts will use automated tools such as Nessus or Nexpose to scan the target systems for vulnerabilities and weaknesses. The outcome of this scanning process is a list of systems that potentially contain one or more specified vulnerabilities and weaknesses. Hence, these are the systems that need an in-depth investigation. The selected target systems will form the scope of the next step, in which the penetration testing activities are performed.
- Penetration test – During the penetration attempt step, Agilient experts will try to exploit the vulnerabilities and weaknesses identified in the previous step, using tools such as Metasploit. One approach to penetration testing is ‘black box’, which means that our testers don’t have any knowledge about your network except publicly available information. An example of this is a penetration test for a website, where only the website URL or IP address is known. This would equate to an external attack carried out by a malicious hacker. While the focus of Agilient’s penetration testing efforts is on accessing computer assets, Agilient testers will try to obtain or subvert confidential documents, price lists, databases and other protected information, when this is in scope. Of course, we will strictly protect the confidentiality of any information we obtain; the information will only be used to prove that we did, in fact, breach the security of the network.
- Recommendations – After penetration testing has finished according to the agreed scope, duration and rules of engagement, Agilient will draw up a penetration testing report. The report will describe the test target(s) in scope, the test tools and test methods used, the vulnerabilities and weaknesses found in the Vulnerability Detection step, and the penetration attempts performed. For each successful penetration attempt, Agilient will list the related vulnerabilities, the attack method, all logs and data related to the attempt and any other information necessary to reproduce the attempt. We will give a brief analysis of the likelihood and impact of each successful exploit, and include recommendations on mitigating the vulnerabilities we found.
- Finalisation – To complete the penetration test, Agilient will clean all systems targeted during the penetration testing, in cooperation with the customer. If any system was compromised, the cleaning process will be done in a secure way to ensure that normal operations are not affected. This step will include actions such as restoring backups, removing log files and removing user accounts created during the penetration tests.