Vulnerabilities in IT systems can have serious consequences for many companies. If, for example, entire production plants and critical infrastructures fail as a result of a successful attack, significant economic damage can occur in a very short time. The threat scenarios and effects for a company are very individual. This also applies to security assessments of IT environments or of individual components.
With a penetration test, we offer you a targeted review of IT environments or individual components, taking into account individual threat scenarios. The objective of a penetration test is, in particular, the assessment of existing risks with regard to specific threat scenarios. A statement should also be made as to what an attacker can achieve in the worst case within a limited time window.
Assessment of risks with regard to specific threat scenarios through targeted attacks via identification and exploitation of vulnerabilities
What can an attacker achieve in the worst case within a defined time window?
IT systems and components relevant to the threat scenario
As part of a penetration test, targeted attack vectors are defined based on specific threat scenarios. These are then included in the penetration test and simulated by our specialized employees.
Depending on the perspective (external, internal, privileged user), scenario and objective, network components, servers, applications or clients, among other things, are included in the attack attempts. Based on the given threat scenarios, individual IT systems are first analyzed in detail for weak points. Subsequently, specific attacks are carried out on the systems via the identified vulnerabilities in order to achieve the set goals either directly or by exploiting other subsequent vulnerabilities. In the case of more complex IT environments, the assessment is generally carried out by a team of two people.
A penetration test typically includes the following aspects:
- Enumeration of accessible external and/or internal IT systems and services
- Identification of vulnerabilities based on the existing threat scenarios
- Exploitation or manual verification of identified vulnerabilities via direct attacks on the systems
- Iteration of previous steps when penetrating further systems or further infrastructure
- Documentation including evaluation of risks and recommended countermeasures
Test and attack scenarios can be discussed with the system supervisor during the assessment and may be adjusted if required.
As a result of the assessment we will provide a detailed report. Depending on the type and scope of the project, the final report will include the following parts:
- Management summary with a description of the results and the security level
- Description of the project approach, scope, schedule and methodology
- Detailed description of identified vulnerabilities in order to understand underlying issues and to enable reconstruction of possible attacks (where necessary with proof-of-concept implementation)
- Detailed description of the iterative exploitation process when using chained vulnerabilities
- Risk assessment of identified vulnerabilities taking into account the IT environment or the application context (risk classification: low, medium, high, critical)
- Description of measures to remedy the vulnerabilities
- If necessary, a description of higher-level strategy, concept and process-related measures or optimization suggestions
Differences to Red Teaming
In a penetration test, targeted attacks are carried out in a limited time frame and on a limited scope (e.g. for a specific IP address range or for a specific threat scenario). In contrast, a Red Team Assessment usually takes place over a longer period of time and aims to test your defense mechanisms. In a penetration test, it is usually not important that attacks remain undetected, as these are carried out as transparently as possible for all parties involved. The focus is on performing the penetration test as efficiently as possible.
The focus of red teaming, on the other hand, is on the implementation of the most realistic attack scenarios possible, which are particularly geared towards infrastructures with a high degree of IT security maturity. The aim of these projects is to improve the detection and reaction capabilities for such attack scenarios.
Differences to the Vulnerability Analysis
In contrast to the targeted approach of a penetration test, the focus of the vulnerability analysis is on the broadest and most comprehensive examination possible. The vulnerability analysis is based on the results of automated scans, which are then subjected to manual risk analyses and assessments.
However, the exploitation of multiple subsequent vulnerabilities (post-exploitation), as used in a penetration test to penetrate as far as possible into an infrastructure or an IT system, is not part of the vulnerability analysis.
Special Cases of Penetration Tests
Depending on the object of the analysis, we offer special types of penetration tests: