Services - Penetration Testing & Vulnerability Assessment

Overview

ZX Security has over 30 years combined experience in testing the security of, and finding security vulnerabilities in corporate networks and systems.
We use a structured approach to penetration testing which is based on the Open Source Security Testing Methodology Manual (OSSTM) and Open Web Application Security Project (OWASP) Testing Guide.
At the conclusion of an engagement we present the client with a detailed report. This report presents the identified security issues in an easily digestible format with a focus on the risk and impact to the business of a particular vulnerability being realised. ZX Security often works with their clients pre-defined risk matrix to ensure an accurate likelihood and impact is quantified. Technical recommendations are also presented which are operationally focused to assist your staff in remediating the issues found.

Example Engagements

External Penetration Test ZX Security will review your presence on the Internet and your susceptibility to being compromised, either through misconfigured, unpatched or insecure servers. Access to administrative interfaces, webmail and RAS portals will also be attempted through weak passwords and those collected from recent data breaches. An external penetration test differs in scope to a red-teaming exercise in that no correspondence is entered into with staff members (i.e. phishing)
Internal Penetration Test When conducting an internal penetration test our consultants are typically given a connection into the corporate network without any additional knowledge of the environment. The goal of the consultant is to make their way through the network, obtain administrative permissions and determine if the security team monitoring the network have the ability to detect and/or stop the intrusion.
Red Team Engagement A red-team engagement often has a very wide scope in that both people and systems are available to be tested for security weaknesses. The engagement is often undertaken by multiple consultants with only key personal from the target organisation aware that testing is being conducted. A red team may trigger active controls and countermeasures, also testing the operational security response to a real life intrusion.
Web Application Penetration Test A pre-defined scope of a particular website(s) is provided and it is tested for common web application security vulnerabilities. Testing is typically unauthenticated in that the attacker doesn’t have valid credentials. Authenticated testing can also be performed were the attacker with a username and password tries to access resources not permitted by their role.
Mobile Application Security Review Both Android and iPhone applications can be reviewed for security issues that may allow an attacker access to your systems or to circumvent controls that would otherwise be present in your regular web applications.
Application Source Code Review Source code is reviewed first using automated tools, then manually by a human to identify common coding issues, backdoors and security flaws.
Corporate Wireless Penetration Test Your wireless network will be reviewed for weak or absent passwords, network-separation controls to ensure non-corporate users remain detached from the corporate network and that certificate-based authentication has been robustly implemented.
Host Hardening Review A host configuration review will consist of multiple steps including:
- Ensuring that NZISM guidelines for server hardening have been applied (for Government clients, or those dealing with the Government).
- Determining if all applicable patches have been installed and that antivirus is working and updates scheduled.
- Ensuring any 3rd party applications installed on the server (e.g. backup agent) have had all applicable security patches installed
- Reviewing the use of administrative privileges on the server
Wireless/GSM Security Review This review steps outside the bounds of regular wireless hacking and into the 2G and 3G spectrum. Testing is typically conducted on hardware devices with SIM cards that only communicate over a cellular network.
SMB Security Health Check The health check is perfect for small to medium sized businesses who want to determine what their current security posture is. The health check will consist of the following tasks:
- Identify information that may be at risk
- Discuss security systems and processes in place
- Identify and review IT security controls
- Lunch-time security awareness training for staff
- Internet presence vulnerability analysis
- Produce a report which provides recommendations for resolving the issues identified