For many companies, targeted attacks on IT systems are a real threat. During a penetration test these targeted attacks are simulated by specialized auditors. This type of assessment is based on the risk scenarios that are relevant to the client. Attack vectors are derived from these scenarios and included in the penetration test.
Depending on the perspective (external or internal), the scenario and the objectives, network components, servers, applications, PC clients, etc. are included in the attack attempts. These range from exploiting central systems and infecting PC clients with Trojan horses to social engineering. This step uses the so-called multi-staging technique, in which several different vulnerabilities are exploited successfully and in combination to achieve the defined objective (e.g. penetrating the internal network via the internet or obtaining access to a central database).
In contrast to the comprehensive approach of the vulnerability analysis, the assessment focus of the penetration test is risk-based. Individual IT systems that are particularly relevant for attacks are scrutinized for vulnerabilities and exposed to direct attacks. In more complex IT environments the test is generally performed by two auditors.
- Enumeration (recording) of accessible external and/or internal IT systems and services
- Automated vulnerability scan with specific software tools
- Manual vulnerability analysis to identify attackable vulnerabilities and security gaps (risk-based approach / selection of particularly vulnerable systems)
- Manual verification of detected security vulnerabilities via direct system attacks
- Verification of the vulnerability of client systems via so-called client-side attacks (sending test software or corresponding links via email, etc.)
- Further aspects included in the assessment, such as: separation of the LAN from external networks with several positions of trust (WAN connection of company branches, WAN connection of external partners, etc.), security aspects of the internal network segmentation (VLAN, etc.), quality of the system administration (patch management, password management, etc.)
Test and attack scenarios will be discussed with the system supervisor during the assessment and may be adjusted if required.
As a result of the test, you will receive a comprehensive risk assessment of the inspected IT environment based on the defined scenarios. In addition, a description of strategic, conceptual and process-related measures and optimization recommendations is an integral part of the final report.