Infrastructure Penetration Test

The importance of infrastructure penetration testing cannot be overstated with the increasing sophistication of cyber threats, organisations face significant risks from data breaches, network intrusions, and unauthorised access to critical systems.

Internal Penetration Test

An Internal Infrastructure penetration test reviews an organisation’s internal network, using a variety of vulnerability assessment and attack methods.

The output of the test activity is granular knowledge of the Internal Infrastructure threat surface, and intelligence enabling the mitigation of potential threats before harm is done. Internal infrastructure testing is usually conducted at a client premises and is often scenario and risk based. An assessment, for example, may explore the consequences of a rogue employee or contractor carrying out malicious activities, as an example of a scenario.

Internal Infrastructure security testing should be part of all organisation’s risk assessment methodology prior to, and following internal configuration changes, but also on an ongoing and regular basis to suit the customers threat appetite. Sodium Cyber can provide scheduled regular Internal Infrastructure penetration testing services to our clients to ensure they are secure on an ongoing basis.

On-site penetration test to examine security of all elected assets. Internal assets are considered those which reside within external-facing network boundaries. This typically includes server assets, client devices (including desktops, laptops and mobile devices), networking equipment and software in use on such devices. The segregation between networks (e.g. DMZ, wireless and core networks) or VLANs may also be tested as required. This can include a review and verification of firewall rules in place. Testing will be on site and will typically be partially white box. Testing is intended to cause no interference to normal network operation.

External Penetration Test

An External Infrastructure penetration test checks the entire, or nominated, exterior assets of a client infrastructure (i.e. anything that connects to the internet), using a variety of discovery and attack methods.

The purpose of the test is to learn more about the External Infrastructure security status, and gain intelligence into mitigating potential threats before harm is done. External Infrastructure assessments help provide assurance that a network is safe from external threats as breaches of external networks can result in significant loss of data as well as reputational damage and instability of key business functions.

External Infrastructure security testing should be part of all organisations risk assessment phase prior to changing or launching any new live services. Sodium Cyber can provide scheduled monthly, or at hoc, External Infrastructure penetration testing services to a client to ensure their entire exterior is secure on an ongoing basis.

In depth penetration testing of all identifiable services such as email, VPN, file transfer and remote administration testing will be performed over the internet from the Sodium Cyber offices. A base line assessment of web applications in line with the OWASP Top 10 standards will also be carried out where web applications are discovered. In depth web application testing will require a separately scoped test.

Testing is not intended to cause any interruption to services. Testing will begin with fingerprinting the IT infrastructure and services followed by manual exploitation with a full review of the results by a senior penetration testing consultant.

Firewall Review Testing

Firewall rule set reviews offer a detailed analysis and test of a firewall configuration that has been put in place to protect information, applications, systems and business operations. During a firewall review, a consultant will perform a line by line review of the configuration to identify and examine misconfigurations that could expose vulnerabilities that could be used to compromise the confidentiality, integrity or availability of data passing through the network. Securing firewalls is a key requirement for information security. Although security controls may have already been implemented, it is important to ensure these controls have been deployed accurately and to security Best Practice standards. Firewall review testing should be part of all organisation’s risk assessment phase prior to and following any firewall configuration changes.

The consultant will perform fingerprinting of the firewall devices to determine the ruleset of the firewall in scope. This will include both TCP and UDP port scanning across all available ports as well as vulnerability assessment and password testing. Following this, a manual review of the firewall rules will be carried out to compare the intended configuration against the discovered ruleset.

Wireless Penetration Testing

Wireless technology has been widely adopted by almost all organisations due to ease of use and access. Internal communications traveling over this network may contain sensitive information and therefore it is essential that it is both appropriately secured and segregated. A breach of the wireless network would provide unauthorised access to the internal network potentially impacting the organisation’s data confidentiality, integrity and availability. Securing an organisation’s wireless network is a key requirement for information security. Wireless security testing should be part of all organisation’s risk assessment phases.

On-site test will examine security of all nominated wireless points and check for data leakage and security level. Testing is designed to cause no interference to normal network operation.