INTERNAL SYSTEMS VULNERABILITY ASSESSMENT

The Internal Systems Vulnerability Assessment and Analysis (ISVAA) is designed to assess the security posture of your internal network and systems. Again, every device within your company's network is evaluated. SCA's seasoned engineers will examine the internal information systems for implementation of industry best and current practices and perform a technical review to exploit known vulnerabilities and configuration errors.

SCA's staff will leverage the power and popularity of open source tools to perform the majority of the assessments. Open source tools are preferred because they are the "Tools of the Trade". An attacker is probably not going to spend thousands of dollars on commercial tools when there are thousands of open source tools that can provide the same, or better, results. By using this method SCA may anticipate what mode of attack a hacker may try, before it's tried.

To assist you in securing the information systems, the results will be evaluated and false positives will be removed. This produces a useful report that can be used to resolve problems and identify best solutions. SCA will never provide a report that has been auto-generated by a tool, as such reports are extremely long and contain a multitude of false positives. Our value is in providing useful information, customized to your institution's needs, that will help protect sensitive information immediately and effectively.

The ISVAA will initially be conducted with limited knowledge of the environment. The security engineers will not have knowledge of network designs/configurations and will not have logon credentials. The purpose of this is to simulate what would happen if an unauthorized individual were to gain access to your network. Network analyzers (aka Sniffers) will be used to observe and capture data as it traverses the network. Network scanners will be used to identify systems and isolate critical systems to be targeted. All systems will be examined for configuration errors and known exploits.

The next phase of testing will be conducted with knowledge of your information systems. This will allow SCA to perform a thorough audit to ensure your systems meet industry best practices and conform to current required regulations. We will work directly with your IT staff to identify and document daily procedures.

Below is a high-level overview of the tasks that SCA will perform and evaluate during the engagement.

  • Network diagrams and configuration files will be reviewed in this phase
  • Network discovery
  • Review of network and system design
  • Port scanning
  • Manual probing of available services
  • IDS/IPS evasion and alerting testing
  • Vulnerability testing
  • Manual validation of discovered vulnerabilities
  • User/group management review
  • Password management review and audit
  • File system access review and management
  • Review of information systems physical access control
  • Review of server auditing and logging
  • Review anti-virus configuration
  • Review incident response procedure
  • Review change configuration management procedures


At the conclusion of SCA's comprehensive testing, you will be provided with a comprehensive report that can be interpreted by technical staff and non-technical executive management. The report will identify all severe-risk, high-risk, moderate-risk and low-risk findings and provide specific recommendations for eliminating or mitigating the identified risks. Once our recommendations are fully implemented, we are confident that you and your company’s reputation will not be easily breached or compromised.
