During an Internal Penetration Test, SecureState takes the perspective of a malicious insider (such as a rogue employee or contractor) acting within your internal network. From a starting point on the internal network, SecureState enumerates as much information as possible about the environment, in order to identify all logical assets that belong to the organization. This is accomplished through passive traffic analysis, DNS and LDAP queries, and other techniques. SecureState then maps the accessible services on each system and enumerates vulnerabilities associated with those services and software.
During the attack phase, SecureState attempts to gain unauthorized access to systems by exploiting vulnerabilities using the same tools and techniques employed by hackers in real world attacks. Common targets can include web applications, databases, network services, Active Directory, and other domain systems. The end result is a highly comprehensive, realistic attack against your organization's internal assets.
If successful, SecureState will then attempt to use the established foothold in order to compromise additional systems and networks while hunting for information sensitive to your organization. This is the most important, and yet most often overlooked, phase of a penetration test because it effectively demonstrates the impact that a breach would have on your organization. Common targets in this phase are credit card numbers, Social Security numbers and other personal information, medical information, and proprietary information to your organization, such as source code, or internal methodologies and formulas.
In the final deliverable, SecureState will provide detailed information for each vulnerability uncovered, including suggested remediation or mitigation steps. Finally, SecureState will provide a detailed step-by-step account of the breach (referred to as, "Vulnerability Linkage Theory") which explains how several less severe vulnerabilities can be linked together to achieve a complete compromise.