Process

The types of penetration tests carried out by the Red Team depend heavily on the security needs of the client. For example, the entire IT and network infrastructure might be evaluated, or just certain parts of it. Once this has been decided, the specific functionality to be tested is critically examined. Software applications (such as those that are Web-based) could become targets, the physical infrastructure could get hit, or even a combination of both.

Define Scope

This part defines the goals and objectives of the penetration testing exercise, such as:

  • Coming up with the goals or the “flags” that are to be met or captured

  • Compiling the “Rules of Engagement”, which define the kinds of cyberattacks that are allowed to be carried out

  • Determining any exceptions that will not be targeted on the attack surface

  • Confirming the actual timetable for executing the penetration testing exercises in conjunction with the client

  • Obtaining a “Letter of Authorization” from the client which grants explicit permission to conduct cyberattacks on their lines of defense and the assets that reside within them
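The scope items above can be encoded as a deny-by-default guard that test tooling consults before every action. This is an added example, not code from the original page; the field names, technique labels, address ranges and dates are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Engagement:
    # All values are constructed for illustration; real ones come from the
    # signed scope document agreed with the client.
    authorization_signed: bool     # Letter of Authorization on file
    in_scope: tuple                # CIDR ranges the client put in scope
    exceptions: tuple              # ranges explicitly excluded from testing
    allowed_techniques: frozenset  # Rules of Engagement
    window_start: datetime         # agreed timetable (UTC)
    window_end: datetime


def check_action(eng, target_ip, technique, when):
    """Return (allowed, reason); deny by default on any failed condition."""
    if not eng.authorization_signed:
        return False, "no letter of authorization"
    if not (eng.window_start <= when <= eng.window_end):
        return False, "outside agreed timetable"
    if technique not in eng.allowed_techniques:
        return False, "technique not permitted by rules of engagement"
    addr = ip_address(target_ip)
    # Exceptions win over in-scope ranges, so check them first.
    if any(addr in ip_network(net) for net in eng.exceptions):
        return False, "target is a scope exception"
    if not any(addr in ip_network(net) for net in eng.in_scope):
        return False, "target not in scope"
    return True, "in scope"


# Constructed sample engagement (documentation address ranges, RFC 5737).
SAMPLE = Engagement(
    authorization_signed=True,
    in_scope=("192.0.2.0/24", "198.51.100.0/25"),
    exceptions=("192.0.2.128/28",),
    allowed_techniques=frozenset({"port-scan", "web-app-test"}),
    window_start=datetime(2024, 3, 4, 18, 0, tzinfo=timezone.utc),
    window_end=datetime(2024, 3, 8, 6, 0, tzinfo=timezone.utc),
)

if __name__ == "__main__":
    now = datetime(2024, 3, 5, 22, 0, tzinfo=timezone.utc)
    for ip, tech in [("192.0.2.10", "port-scan"), ("192.0.2.130", "port-scan"),
                     ("203.0.113.5", "port-scan"), ("192.0.2.10", "phishing")]:
        print(ip, tech, check_action(SAMPLE, ip, tech, now))
```

Logging every denied call alongside its reason gives the final report a record that the exercise stayed within the agreed scope.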

Reconnaissance and Intelligence Gathering

This phase involves collecting information and data about the targets that are going to be hit by the Red Team. Examples of this include the following:

  • The network IP address range that has been assigned to the business or the corporation, as well as determining any open network ports and related services

  • The API endpoints related to any mobile or wireless devices

  • Gathering both the work-related and personal information/data of each employee in the organization. This typically includes email addresses, social media profiles, phone numbers, employee ID numbers and so on

  • Any employee credentials that have been previously targeted by a cyberattack, if any

  • Locating any embedded systems that reside in the IT and network infrastructure.

Planning and Mapping the Cyberattacks

At this stage, the types of cyberattacks that will be launched by the Red Team are mapped out, as well as how they will be executed. Some of the factors that are taken into consideration here:

  • Determining any subdomains that are hidden from public access

  • Any misconfigurations in the cloud-based infrastructure used by the client

  • Ascertaining any weak forms of authentication

  • Making note of any vulnerabilities and weaknesses that are known to exist in any network- or Web-based applications

  • Determining how to further exploit these known weaknesses and vulnerabilities

  • Creating any phone call scripts that are to be used in a social engineering attack (assuming that they are telephony-based)

Launching the Cyberattacks

At this point, the cyberattacks that have been mapped out are now launched towards their intended targets. Examples:

  • Hitting and further exploiting those targets with known weaknesses and vulnerabilities

  • Impacting any testing or sandboxing environments that are used for developing software applications

  • Accessing any and/or all hardware that resides in the IT and network infrastructure. This includes workstations, all forms of mobile and wireless devices, servers, and any network security tools (such as firewalls, routers, network intrusion devices and so on)

  • Attacking any client-side applications (primarily those that are Web-based)

Documentation and Reporting

This is considered to be the last phase of the methodology cycle, and it primarily consists of creating a final, documented report to be given to the client at the end of the penetration testing exercise(s). It consists of the following components:

  • The types and kinds of cyberattacks that were launched, and their impacts

  • The discovery of any unknown security weaknesses and vulnerabilities

  • The degree to which a real-world cyberattacker could exploit the above

  • The corrective actions that are to be taken to remediate all known and unknown (but later discovered) security gaps and holes

  • The consequences that could occur from not taking action or implementing the recommended solutions

