EXTERNAL SYSTEMS VULNERABILITY ASSESSMENT
The External Systems Vulnerability Assessment and Analysis (ESVAA) is designed to assess the security posture of the institution's external network and systems. SCA's security engineers will examine the external information system for implementation of industry best practices and perform a technical review to exploit known vulnerabilities and configuration errors and identify immediate correction methods. Continuing with reducing your institutions liability by classifying exactly what type of client data you need, who may access it, and how long you need to retain it.
SCA's staff will leverage the power and popularity of open source tools to perform the majority of the assessments. Open source tools are preferred because they are the "Tools of the Trade". An attacker is probably not going to spend thousands of dollars on commercial tools when there are thousands of open source tools that can provide the same, or better, results. From this perspective SCA’s ESVAA is conducted in two very distinct phases.
The first phase is reconnaissance. SCA's security engineers will utilize multiple search engines and research public databases to gather information about your institution and systems. Port scanning will also be performed during this phase. SCA will identify available services and begin foot printing them. The reconnaissance phase is often overlooked by novice attackers, who choose instead to go directly to heavier testing. The skilled attacker will not bypass this phase; they understand reconnaissance is a vital step in compromising a network. Information collected in this stage can help the attacker better understand the institution's network and systems. The more knowledge gained about the system the less likely the chance of them being detected and the higher the risk of having your data breached by a hacker; this phase is key in SCA's approach to securing your network.
The second phase is the assessment and penetration phase. SCA's expert security engineers will examine the systems for known vulnerabilities and mis-configurations. Automated tools will be utilized to identify possible areas of concern. Manual hands-on techniques will then be executed to exploit and validate the weakness. SCA will immediately notify the designated point of contact upon discovery of critical vulnerabilities.
Below is a high-level overview of the tasks that SCA will perform and evaluate during the engagement.
- > Port Scanning
- > OS Fingerprinting
- > Manual Probing of Available Services
- > IDS/IPS Evasion and Alerting Testing
- > Vulnerability Testing
- > Manual Validation of Discovered Vulnerabilities
- > War Dialing
- > Employee Email Phishing
- > Dial-in/RAS Security Testing
- > Web Application Assessments
- > Firewall Testing and Validation
In order to guarantee compliance, SCA's security professionals perform extensive tests on all external addresses, whether in use or not. SCA will document all dormant IP addresses that are not in use, and will focus on the live addresses for penetration testing. All telephone ranges are likewise assessed.
To assist your financial institution in securing the information systems, the results will be evaluated and false positives will be removed. This produces a useful report that can be used to resolve problems. SCA will never provide a report that has been auto generated by a tool, as they often contain a multitude of false positives; SCA's reports are useful, customized and unique to each client. We believe our value is providing useful information that will help protect and secure your networks sensitive information NOW.