Skip Ribbon Commands
Skip to main content
Home > Services > Profiling > External Attack and Penetration

PROFILING

External Attack & Penetration


Essentials

External Penetration Testing tests the security surrounding externally connected systems from the Internet, as well as within a Corporate Network. Controlled tests are used to gain access to Internet resources and ultimately to the DMZ which is an internal network; by going through and around firewalls from the Internet. External Penetration Testing involves the finding and exploitation of actual known and unknown vulnerabilities from the perspective of an outside attacker.

External Penetration Testing attempts to breach the target as an unauthorized user with varying levels of access, as listed below. This is sometimes referred to as “ethical hacking”.

  • Casual hacker who infiltrates a client’s systems
  • Dedicated hackers who pursue specific information and work with inside information (e.g., knowledge provided by a current or terminated client employee) and via information gathered through open source intelligence.

For example, attackers typically attack remote services such as web mail systems, VPN and Citrix portals. SecureState uses these same techniques to “brute-force” logins and passwords to gain access to sensitive information.

  • External Penetration Testing involves the finding and exploitation of known and unknown vulnerabilities
  • External Penetration Testing detects weaknesses in a system or network that could allow host compromise
External Attack and Penetration Process


Benefits

External Penetration Testing must be conducted to achieve compliance with a multitude of regulations and standards that industries face; including, the Payment Card Industry Data Security Standard (PCI DSS). Additionally, External Penetration Testing detects weaknesses in a system or network that could allow host compromise. External Penetration Testing also tests an organization’s external monitoring and Incident Response capabilities.

Expertise

SecureState’s Profiling Team is comprised of nationally renowned ethical hackers. The team’s background includes military intelligence, law enforcement, big X consulting as well as financial institutions. Our team is constantly working to stay at the forefront of penetration testing and security assessment technology as well as business trends through training, education, and speaking. Members of the Profiling Team are regularly asked to speak as subject matter experts on penetration testing at all of the major security and hacker conferences; including, Defcon, ShmooCon, OWASP AppSec DC, Hackers on Planet Earth, DerbyCon, Toorcon, Notacon, and Black Hat USA.

Did You Know?

  • External Penetration Testing tests an organization’s external monitoring and Incident Response capabilities
  • Penetration Tests are not Vulnerability Assessments
  • Penetration Tests should be performed at least once a year and after any significant application modification or network upgrade
  • Penetration Tests should follow industry standard testing methodologies
  • Penetration Tests are an important part of any security program

Our Approach and Methodology

The SecureState Profiling Team is well known and highly regarded as experts in Penetration Testing. Our approach follows industry accepted testing methodologies such as PTES and NIST 800-115. By following these methodologies, our clients can accurately replicate the testing SecureState has performed in their own environment to accurately mitigate identified vulnerabilities. The Profiling Team also helps identify strategic “root cause” issues through our Penetration Tests. Our Risk Management Team is uniquely positioned to work closely with the Profiling Team in order to assist clients with mitigating these strategic “root cause” issues.

Phase I – Pre-engagement:

In this phase, SecureState works with the client to establish the rules of engagement as well as the scope and exchange contact information with both parties. SecureState provides a detailed Project Charter which contains information on scope and everything that will be required to conduct the testing. The Project Charter is discussed during the kickoff call prior to the beginning of the engagement.

Phase II – Discovery Analysis / Footprint Creation:

The next step is to create an Internet profile or “footprint” of computer addresses and other information regarding the client’s Internet connected systems, while taking an “unknown presence” and reducing it to a specific range of domain names, IP network ranges and host systems.

Phase III – Service Enumeration:

Specialty tools are used to programmatically “ping”, or map a client’s existing Internet presence. Next, a “service scan” is initiated to identify listening service ports, in order to determine the type of operating systems and applications in use. Detailed configuration and user information is obtained for each system, and the computer addresses acquired during Phases I and II are programmatically scanned.

Phase IV – Application Layer Testing:

A limited manual testing of any web applications encountered is conducted to look for common web application vulnerabilities, such as SQL injection.

Phase V – Exploitation:

All identified vulnerabilities will be assessed as to the likelihood of exploitation, and we actually do exploit the vulnerabilities.

Phase VI – Post Exploitation:

The Post Exploitation Phase includes pillaging, penetrating further into the network, documenting and erasing any remains we might have left behind.

Phase VII – Reporting:

As part of the deliverable, SecureState provides a report which contains a short, graphical summary aimed at senior management, a narrative body which details major findings and a detailed findings section aimed at the technical staff. Additionally, we provide a closing call and high-level executive presentation to summarize the penetration test as well as provide an opportunity to ask questions about the engagement.

 

What Makes Us Different

  • SecureState uses a team-based approach for all Penetration Tests
  • Utilizes proprietary Vulnerability Linkage Theory (VLT) to achieve a greater attack
  • Demonstrates proprietary tools to clients during Penetration Testing
  • Publishes our own Exploits, Zero Days and Tools to the Information Security Community
  • Profiling Team members are known as experts in Penetration Testing worldwide
  • Profiling Team members are frequent speakers at national and worldwide security and hacking conferences; such as DEFCON, Black Hat, OWASP AppSec, SANS, ShmooCon, THOTCON, DerbyCon, ToorCon and more
  • Conducts all external Penetration Tests from our state-of-the-art hacking facility in SecureState’s world headquarters; a DOD cleared facility
  • SecureState has the capability to perform secure remote Internal Penetration Tests using the latest Penetration Testing technology
  • Provides a secure, two-factor authentication web portal for access to Penetration Test results
  • Follows industry standard testing methodologies, vulnerability rating systems and uses real attack data collected by SecureState through years of assessments to compare your company to your industry peers from a security perspective