Penetration Tests

The aim of penetration tests is to evaluate the actual security level of devices, networks or particular systems. Conducting penetration tests, we most often use the black box approach (which provides minimum information on the environment examined), but we also offer grey-box or white-box testing, along with configuration analysis or source code analysis. By doing penetration tests, we use the recognised methods and threat configurations (e.g. published by OWASP), but we also avail ourselves of the recommendations of software producers, ISO/IEC 27000, and the experience of our specialists, who are familiar with various system structures and vulnerabilities. In order to carry out such a test, we use, inter alia, Kali Linux – a specialised Linux distribution that includes dozens of audit tools, supplemented by our own modifications or extensions.

The scope of service is always adjusted to a particular customer. For instance, this may include:

  • Social engineering tests aimed at obtaining key information from employees of an Organisation,
  • Conducting a reconnaissance and background survey – obtaining information on publicly available sources,
  • Penetration tests regarding on-line services, in particular web applications and websites (including performance tests),
  • Network traffic security analysis,
  • Local area network tests, network device testing, including configuration audit,
  • WLAN security tests,
  • VPN security tests,
  • Evaluation of the security of servers that provide services (software versions and services, discovered vulnerabilities),
  • Tests of the cryptographic quality of applied security measures,
  • Workstations security assessment,
  • Examination of the efficiency of the applied firewall,
  • Examination of the efficiency of the applied IDS/IPS, SIEM, and assessment of administrator reactions to access attempts through activities undertaken as part of the tests.

Co zyskujesz?

  • Objective and complete information on revealed threats in the IT environment,
  • Information on the potential impact of revealed threats on the functioning of IT systems,
  • Verification of the appropriateness of applied IT security measures,
  • Verification of employee awareness in terms of IT security,
  • Identification and solution of problems related to IT security,
  • A list of recommendations that ensure an appropriate security level.

Przykładowe realizacje:

Penetration tests of a local area network and IT infrastructure

At the request of the Customer, we have conducted security tests of network devices (switches, routers), as well as all servers, workstations, and devices available in the internal network of the Principal. Apart from a LAN security audit, we focused in particular on evaluation of the wireless network used by the company.

Penetration tests

Audytel was approached by a large institution that uses IP VPN / MPLS, an extensive data transmission network in several hundred locations and two centralised data centres. In connection with plans to launch access via the Internet to the internal resources of the institution, the Customer ordered Audtel to audit the configuration of the security system and to conduct VPN penetration tests.
One of the stages consisted in auditing the configuration of the existing network infrastructure (firewalls, IDS/IPS sensors, access control servers, etc.) In addition, the procedures related to security were analysed (e.g. the certificate installation process). Moreover, Audytel audited the entire documentation: starting from network schemes, addressing, major configurations, and ending with an analysis of project structure and procedures.
At a different stage, black-box testing was carried out (an approach which means the team conducting the test did not know about the solution subject to examination). As a result of analysis, it was found that the solution structure had been designed and implemented accordingly, but several procedures needed to be improved (e.g. automatic certificate distribution). The possibility was also indicated of activating several functions of the system that would increase the technical security level as well as streamline the log-in process and monitoring of its elements.

Audit of the security of the key system for financial information circulation

As part of the security audit of the key system for financial information circulation that was performed on behalf of the Customer, we took into account the configuration and applied security measures of all components of the system. The scope of activities included server penetration tests, focusing on components of the system for automatic financial information circulation and analysing the network traffic between these components.
The tests in question revealed certain irregularities, which did not pose a critical danger to security and were easily eliminated (by installation of the relevant improvements or changes in the configuration of services or security measures).