RedTeam Security's network penetration testing methodology is based on the Penetration Testing Execution Standard (PTES) framework and combines the results from industry-leading testing tools with manual testing to enumerate and validate security vulnerabilities, find attack vectors, configuration errors, and business logic flaws. While automated tools check for known vulnerabilities, they are incapable of assessing real business risk or determining the extent of the possible exploitation. Our network security testing helps you improve your security posture by lowering the risk of unauthorized access and sensitive data breaches, improving productivity, protecting your brand from cyber attacks, and maximizing the ROI from your network devices.
While automated testing enables efficiency, it is effective in providing efficiency only during the initial phases of a penetration test. At RedTeam Security, it is our belief that an effective and comprehensive network pen test can only be realized through rigorous manual testing techniques.
RedTeam Security's penetration testing methodology assesses the targeted Internet-facing and internal systems using a multi-layered approach: Information Gathering, Threat Modeling, Vulnerability Analysis, Exploitation and Reporting.
Before beginning the network pen test security assessment, the pre-engagement phase begins. During the pre-engagement phase, RedTeam Security will collect details required to execute and kick off the project. The data elements collected during this step include: testing windows, testing dates, IP addresses, along with other relevant information. This phase is crucial as it establishes the overall rules of engagement for the network security assessment.
Using the information gathered for the kick-off meeting, RedTeam Security confirms the necessary details to ensure the assessment is executed efficiently, effectively and in accordance with the overall objectives.
The information-gathering phase of our network pen testing methodology starts the process. Information-gathering consists of Google search engine reconnaissance, server fingerprinting, network enumeration, and more. Information gathering efforts result in a compiled list of metadata and raw output with the goal of obtaining as much information about the network's makeup as possible. Reconnaissance includes initial device footprinting, service enumeration, and operating system and application fingerprinting. The purpose of this step is to collectively map the in-scope environment and prepare for identified vulnerabilities.
During the Information Gathering phase, RedTeam Security will:
With the information collected from the previous step, security testing transitions to identifying vulnerabilities in the network. This typically begins with automated scans initially but quickly morphs into manual testing techniques using more pointed and direct tools. During the threat-modeling step, assets are identified and categorized into threat categories. These may involve sensitive information, trade secrets, financial documents, etc.
During this phase, RedTeam Security penetration testers will:
The vulnerability analysis phase involves the documenting and analysis of vulnerabilities discovered as a result of the previous network penetration testing steps. This includes the analysis of out from the various security tools and manual testing techniques. At this point, a list of attractive vulnerabilities, suspicious services, and items worth researching further has been created and weighted for further analysis. In essence, the plan of attack is developed here.
Unlike a vulnerability assessment, a network penetration test takes such a test quite a bit further specifically by way of exploitation. Exploitation involves actually carrying out the vulnerability's exploit (i.e., buffer overflow) in an effort to be certain if the vulnerability is truly exploitable.
During the Exploitation phase of a penetration test, RedTeam Security's pen testers will attempt to gain access to the devices, networks, or applications through the bypassing of firewalls and other security controls and by the exploitation of vulnerabilities in order to determine their actual real-world risk. Throughout this step, we perform several manual tests simulating real-world attacks that are incapable of being performed through automated means. This phase of a RedTeam Security penetration test consists of heavy manual testing tactics and is often the most time-intensive phase.
Exploitation may include but is not limited to credential harvesting/guessing, network sniffing, leveraging known vulnerabilities in outdated software.
As part of the Exploitation phase, RedTeam Security will:
The reporting step is intended to compile, document, and risk rate findings and generate a clear and actionable report, complete with evidence, for the project stakeholders. The report is delivered via the RedTeam Security's portal. A presentation or review of findings can occur via virtual meeting if requested. At RedTeam Security, we consider this phase to be the most important and we take great care to ensure we've communicated the value of our service and findings thoroughly.
In order to perform a comprehensive real-world assessment, RedTeam Security utilizes commercial tools, internally developed tools, and some of the same tools that hackers use on each and every assessment. Once again, our intent is to assess systems by simulating a real-world attack and we leverage the many tools at our disposal to effectively carry out that task.
We make use of tools from the following categories (not a complete list):
Along with detailed descriptions and screenshots of vulnerabilities and how RedTeam Security's pen testers found them, we provide recommendations based on best practices on how to remediate those vulnerabilities. Our objective is to help fix vulnerabilities, not just find them. As a result, remediation re-testing is always provided at no additional cost. Once you have a chance to remediate those vulnerabilities you feel would best improve your security posture, let us know and we will schedule a retest of those findings and provide you with an updated report.
We consider the reporting phase to mark the beginning of our relationship. RedTeam Security strives to provide the best possible customer experience and service. As a result, our report makes up only a small part of our deliverables. We provide clients with an online remediation knowledge base, dedicated remediation staff, and a ticketing system to close the ever-important gap in the remediation process following the reporting phase. Again, the underlying framework is based on the Penetration Testing Execution Standard (PTES) but RedTeam Security exceeds those standards.
At RedTeam Security, we understand your network's security is an essential piece of maintaining your organization's overall cybersecurity strategy. Network penetration is a detailed method of identifying any potential vulnerabilities. When it comes to your network, we will rigorously test all known exploits and look beyond to identify potential other vulnerabilities. From intelligence gathering to identifying potential vulnerabilities to offering solutions, RedTeam Security is committed to ensuring your network's security is the strongest. To learn more, contact RedTeam Security today at 612-234-7848.