Vulnerability Assessment,Vulnerability Management and Penetration Test

Vulnerability Assessment (VA) refers to security analysis that sets out to identify any vulnerabilities in the system and the applications of a network, by identifying and assessing any damage an attacker may cause to the business.

The Vulnerability Assessment can be carried out both within or outside of the company network, simulating the various scenarios that could occur in a company. This provides a final report containing the vulnerabilities which if resolved could guarantee better security and a more secure system. The Vulnerability Assessment must be guaranteed, periodically, in the presence of sensitive data, especially following the introduction of the GDPR.

After the Vulnerability Assessment, a report is delivered describing the vulnerabilities identified and followed by possible solutions.

The Vulnerability Assessment services we offer are:

• Networking and network devices scans: we carry out scans of the entire network, identifying: open gateways, active hosts, operating system version, web server versions and analysis of network packets.
• Wireless Network Scanswe carry out scans of the entire Wireless network with the goal of identifying vulnerabilities and weak passwords.
• Web Application scans: we carry out scans of an entire Web Application identifying any vulnerabilities starting with a single IP/URL. We have tools that identify the presence of vulnerable scripts within the Web Application. In addition, we test the vulnerabilities already noted to obtain possible results. We identify the defects that allow SQL injections to be made, so as to avoid losing control of the DBMS server. Lastly, all of the vulnerabilities found will be listed according to criticality.
• IoT scans: we check for the presence of weak passwords or device defaults that may allow non-authorised users to access the network. We check for the presence of non encrypted communications, the presence of non updated firmware and the protocols used. All this to avoid tampering and the use of devices without authorisation.
• Application Security Testing: we carry out static application security testing (SAST), dynamic testing (DAST) and interactive testing (IAST) of the code with the aim of identifying vulnerabilities. In addition, we test the vulnerabilities already noted to obtain possible results.
• Privileged User Scans: we carry out scans of Windows, Unix and Linux systems to search for privileged users present. On Unix/Linux systems, we also scan the SSH keys in the repository standard. Therefore we provide correlations about accesses between servers, for the purpose of preventing Pass-the-hash type attacks.
  .

Vulnerability Managemente (VM) is a cyclical and fully automated practice aimed at identifying, classifying, prioritising, fixing and mitigating vulnerabilities.

Vulnerabilities can be identified using a vulnerability scanner, which analyses a system in search of known vulnerabilities, such as open gateways, non-secure software configurations or those susceptible to infections by all kinds of malware.

This cyclical activity guarantees constant monitoring of the system so that a vulnerability, once resolved, cannot reoccur.

Monitoring and control: techniques are adopted that allow for all endpoint problems to be identified and resolved in a few minutes: fixed, portable, physical and virtual. We use tools that help security teams to accurately identify threats and establish priorities throughout the entire company and offer intelligent insights which allow the team to quickly respond to reduce the impact of incidents.

What's more, we bring together data from the log events of thousands of devices, endpoints and applications throughout the entire network, in order to establish a link between all the various information and to group together correlated events into single notifications in order speed up the analysis and correction of incidents.

Penetration Test are indispensable in assessing the security of an information system, testing and verifying the effectiveness of cyber security controls.

Basically it is a real simulation of a hacker attack whose target is a limited perimeter of the system. These kind of tests are normally carried out using manual or automated technologies with the aim of deliberately compromising the systems.

These tests are carried out only after obtaining authorisation from the target. After the Penetration Test a report is delivered describing the vulnerabilities identified and the techniques used to hack the system. The final step is the correction of the vulnerabilities found.

We can carry out two types of Penetration Test : Black Box e White Box.

A Black Box attack test does not have any information regarding the IT infrastructure on which to carry out the tests. Our testers act by putting themselves in the shoes of a real cracker, so real attacks are made in order to identify the vulnerabilities. Our service analyses the structure and thus the security of your information systems.

The aim of the Black Box technique is to analyse the security of the systems using various techniques such as ad-hoc attacks or social engineering attacks to identify weaknesses. We carry out IT system tests on your personnel and physical security (backup).

Black Box Testing includes all or most of our services:

• Penetration Test of Web applications;
• Use of Social engineering;
• Client attacks;
• Use of controlled malware (backdoor, reverse shell);
• Penetration Test of passwords.

In short, for the Black Box technique we are not offeredany information about the infrastructure. The client provides us with some addresses or just the name of the company. This service is adaptive and is always provided by way of a team of professionals, with different skills in all security fields. Our professionals are certified and constantly updated about trends in the area of security. They also personally look after Threat Intelligence in order to be always up to date about the behaviour of new malware and the latest vulnerabilities.

In a White Box attack test, the testers have received in-depth information about the various targets and about the entire infrastructure. This type of test involves a simulation of scenarios.

Some of the information provided to the testers can be: documentation, architecture, system source code or password. This test guarantees more coverage than the types of different attacks that may not be known in Black Box tests.

This test means time can be gained, insofar as it is not necessary to carry out the reconnaissance phase like in the Black Box test since all the information is provided by the client.

In the White Box test we provide:

• Vulnerability assessment;
• Penetration Test of Web applications;
• Client attacks;
• Use of exploits on the basis of information provided about the systems;
• Penetration test on network traffic;
• Use of controlled malware (backdoor, reverse shell).

The Penetration Test services we offer are::

• Penetration test of Web Application: we carry out tests on Web Applications, identifying the vulnerabilities present. We can enter the system using open gateways, incorrect system configurations or by exploiting vulnerabilities caused by old versions of certain software. We have tools that allow us to also carry out manual penetrations.
• Exploits to run pen tests on Windows, Linux and Mac OS X: we adopt techniques that use exploits to take advantage of known vulnerabilities and enter the systems to get sensitive data without authorisation.
• Penetration test on network traffic: we adopt techniques that enable us to intercept network traffic, retrieving sensitive data that flows without encryption. We use tools that carry out network sniffing. We have a complete suite to carry out Man In The Middle attacks.
• Penetration tests of passwords: we make passwords more secure: we do it using very fast crackers that carry out Brute Force attacks based on word lists in order to identify weak passwords and replace them.
• Malvertisement service: it is structured so as to generate and send a list of users a well structured fake email containing a link, with the aim of identifying all of the users who do not check the sender of the email and just naturally click on the link. The link leads to a web-server that maps the user who carried out this type of operation.