Organizations invariably struggle to operationalize static penetration test output. Without trend analysis, business context, or remediation prioritization capabilities, they ultimately fail to demonstrate value or provide the reassurance that C-Level Executives are looking for.
SureCloud not only offers a wide range of network security testing and assurance services but, crucially, stays with you throughout the entire test life-cycle, from scoping through to vulnerability discovery and remediation. Certified by the National Cyber Security Centre (NCSC) and CREST, and delivered using the innovative Pentest-as-a-Service model (underpinned by a highly configurable technology platform), SureCloud acts as an extension of your in-house security team and ensures you have everything you need to improve your risk posture. Discover the full list of network security services we offer below:
Network Penetration Testing is often performed from two distinct perspectives: an external and an internal assessment. Both utilise a similar methodology, with some differences in how each step is executed, and each can be tailored to the requirements of the organisation. During the scoping phase of the project SureCloud will recommend any additional areas of focus that may be useful for the organisation to gain further assurance over.
SureCloud’s external network penetration testing incorporates infrastructure-level targeting of your organisation’s exposed network, which may include specific network addresses or ranges (governed by IP addresses or hostnames), alongside information that is discovered freely on the public internet.
The external phase starts with reconnaissance, where our cybersecurity team performs both passive and active detection of available network services, for example using search engine results and network scanners. Organisations are often unaware of the information available about them online, such as where search engines have cached content that should not be publicly accessible.
Further steps in our methodology consist of more active measures such as port and vulnerability scanning, which can identify vulnerable services that are accessible from the internet (for example a database server), followed by manually-led and creative exploitation of any exposed services. The overall aim of an external penetration test is to demonstrate what an attacker with no prior knowledge of the organisation can gain from the perimeter infrastructure.
SureCloud’s internal network penetration testing focuses on what an attacker (such as an outside threat or a disgruntled employee) may be able to achieve given basic access to a corporate network. This may range from ensuring segregation between business functions down to the low-level technical question of whether software and services are vulnerable to attack.
Effectively the internal stage of a penetration test is structured around identifying what an attacker could exploit from within the network itself, such as if a workstation had been compromised, an attacker accessed the network physically with their own system (such as a laptop), or if there were any other way into the organisation’s network (such as from the perspective of an insecure corporate wireless network, or via the internet).
Additionally, SureCloud will include a privileged credential scan of the target environment, covering both workstation and server systems along with SCADA devices and other network-capable systems. This provides your security team with granular information on missing security patches, configuration issues, and other common vulnerabilities that can easily be detected by industry-standard vulnerability discovery tools.
The output of the internal assessment provides security teams and management with an overview of the corporate network as a whole, along with detailed information on any paths to compromise, whether that is obtaining control over an Active Directory domain, gaining unauthorised access to a Card-Data Environment (CDE), or reaching other sensitive, business-critical information and data.
Drawing on over a decade of experience in testing various types of web applications across a range of clients, SureCloud’s team of highly-experienced web application cybersecurity experts has a combined skillset covering the majority of web application programming languages, including detailed knowledge of the attack vectors that still affect corporate and consumer websites today.
The team bases its approach on the OWASP methodology, as well as incorporating tests tailored to the individual specifications of an application, so that we can work with our clients to further enhance their web application’s configuration and security posture. Going beyond the OWASP methodology, the SureCloud team constantly updates its knowledge, toolsets, and processes to ensure that websites are defended against the latest threats in an ever-changing landscape.
SureCloud’s Application Programming Interface (API) penetration testing services can be tailored to a variety of services used within many different environments, from consumer-facing APIs that integrate with web and mobile applications to system logic processes used within organisations. SureCloud offers a full range of API testing to provide assurance and any necessary recommendations to further strengthen and build upon an existing security posture.
Whilst many API services utilise JSON and SOAP requests, SureCloud can also provide bespoke testing on custom binary APIs. Going beyond the OWASP Top 10, SureCloud can also ensure that functionality remains secure and that business logic is carried out the way it was intended, by understanding both the logical and technical aspects of an API service before carrying out any testing.
The code review service goes beyond regular penetration testing and allows the SureCloud cybersecurity team to perform a white-box review of applications, covering both dynamic and static analysis. By sitting with developers and reviewing the source code and engineering proposals as applications are created, companies can gain greater assurance that applications built from the ground up will have a stronger security posture.
The SureCloud team has experience in most programming languages, including CPHP, ASPX, Java, and Ruby, as well as experience with a variety of old and new web server and database management system technologies. The Code Review service can be performed both on existing, established system environments and on systems still in the development phase of their life cycle.
SureCloud’s Red-Team Simulated Cyber Attack service provides assurance and demonstrates actual business risk through specific objectives, using a blend of penetration testing, social engineering, and physical breach attempts. The scope of the Red-Team service includes SureCloud taking on board the primary concerns and critical assets of an organisation and using these as the objectives of the wider engagement.
These Red Team engagements mimic the current generation of high-effort threats that organisations face, and are designed specifically to reduce uncertainty around what a real cyberattack would look like and how the organisation’s mitigations and active defences perform.
Due to the similarities between a Red Team engagement and an actual high-effort attack, the organisation can use the engagement to train its defensive capabilities against real-world advanced and persistent threats, and to identify weaknesses in controls and capabilities, including physical controls, staff awareness, and incident response processes and procedures. The overall aim is to prevent, detect and respond to the simulated attack as if it were real, while also providing a realistic setting for testing crisis management procedures.
Mobile application penetration testing has the experienced SureCloud cybersecurity team reviewing every aspect of your Android, iOS, or Windows Mobile application: from decompiling the application to review the source code, to assessing how the application stores sensitive data, to the API communications between the application and your cloud or self-hosted services.
Whilst most mobile API services utilise JSON requests and RESTful models, SureCloud can also carry out API testing on just about any form of mobile API. Going beyond the OWASP Top 10, SureCloud can also ensure that functionality remains secure, for example through business logic validation, which is underpinned by understanding both the logical and technical aspects of an API service before carrying out any testing.
SureCloud provides an array of device assessment services, ranging from workstation and server build reviews, through mobile device management and device policy configuration reviews, to off-the-shelf device configuration reviews. Each of these is tailored to specific organisational requirements, such as CIS standards, PCI DSS compliance, and any risks the organisation has raised as part of a risk-register programme.
The build reviews provide assurance over the current state of these devices, or over any prospective deployments as part of the security life-cycle, with the aim of identifying and highlighting the potential impact if an authorised or unauthorised user gains access. For example, a device that has been lost or stolen, or one accessed by an authorised user with malicious intent (in the case of an insider attack), are all scenarios where unauthorised access to locally stored data and/or the ability to escalate privileges would pose a serious threat to an organisation’s security posture.
A full security audit is performed against the scoped device, with testing undertaken to identify areas where remediation is required, such as where hardening of the build process can be improved. Specific focus is placed on areas such as local storage that may be unencrypted, or where encryption has been implemented but may not meet the required standard for secure encryption technologies. There may also be known security vulnerabilities present through missing security updates, or places where further configuration is required to make full use of the software’s security capabilities.
Penetration testing is also undertaken against each device within the security context of a ‘standard’ user account, with the aim of identifying any opportunities for privilege escalation: that is, whether the standard user can break out of the security restrictions imposed upon them to perform unintended actions, for example gaining unauthorised access to sensitive data, or performing system-level tasks associated with high-privilege administrator or root accounts.
SureCloud provides the output of these reviews with commentary on the current state of the systems, along with technical details for recreating any of the discovered issues and detailed information for remediating them going forward.
Wireless networks bring increased flexibility and convenience to users, but also present additional security concerns for system administrators, since they extend the corporate LAN beyond the bricks-and-mortar boundaries that surround traditional ‘wired’ LAN access. It is paramount that organisational wireless networks are configured to utilise the strongest available encryption and authentication methods.
SureCloud can provide assurance within this area through their Wireless Network Penetration Testing services, which will include:
- Identifying any insecure encryption or authentication methods that are configured, and exploiting them as part of a proof of concept
- Discovering any rogue access points that may be connected to internal networks
- Reviewing and highlighting any wireless network segregation issues that may be present, such as where ‘guest’ networks can interact with obscure or common internal network services
- Obtaining and attempting to crack WPA/WPA2 pre-shared keys (PSKs) for any networks that utilise these authentication methods, demonstrating the risk of insecurely configured passphrases.
Internet-facing corporate resources are often a prime target for attackers due to the level of access and the potential wealth of sensitive data that can be obtained once connected. Virtual Private Networks (VPNs) are designed to provide remote workers with secure access to corporate resources over the untrusted public internet through an encrypted ‘tunnel’ that protects data in transit, along with the additional benefits of web content filtering (to ensure the user does not access internet-based resources that contravene the organisation’s security and acceptable use policies) and enhanced network monitoring and auditing. Poorly configured VPNs can pose a threat to the confidentiality and integrity of data held by an organisation, and can often leak information such as internal IP addresses or DNS requests that attackers or rival businesses can use to their advantage.
SureCloud’s Virtual Private Network (VPN) Penetration Testing services are designed to test and assess your organisation’s VPN solution against best-practice guidelines, and will provide you with recommendations on how to further secure any identified areas of weakness.
Social engineering services range from engagements conducted online, such as phishing, spear-phishing (targeted phishing) or whaling (targeted phishing aimed at high-profile employees), through social engineering over voice calls or mobile messaging (vishing and smishing, respectively), to physical social engineering engagements on-site. Physical social engineering is often performed alongside the physical security assessment, as the two go together and this provides greater coverage of the target environment.
The on-site social engineering testing incorporates covert surveillance, unauthorised access attempts, coercing employees into bypassing standard security processes, and theft of sensitive logical or physical data or property. Written consent and photographic identification are always carried by the cybersecurity consultant during the engagement to verify their identity and the validity of the security assessment in the event of discovery or challenge by staff or other authorised personnel.
One of the main outcomes of a social engineering engagement is to establish, for assurance purposes, whether existing processes are being followed, with the aim of providing specific guidance on strengthening defensive capabilities through employee education and awareness training, as well as meeting compliance requirements.
SureCloud’s Password Analysis Services provide real-world data on the actual passwords your employees are using to secure access to corporate systems, enabling you to identify potential weaknesses and areas for further improvement.
As an example, by undertaking an Active Directory domain password audit SureCloud will highlight the actual passwords in use within your corporate environment, detailing issues or concerning trends that can assist with strengthening the corporate security posture. This includes identifying serious issues such as password re-use, or the use of passwords that are in fact weak despite adhering to internal technical controls.
The resulting information provided by SureCloud can be utilised to identify users that may benefit from additional security awareness training to educate them on the best practices for selecting a strong password, why sharing passwords between accounts is a serious risk, and many other factors that can contribute to key weaknesses that often lead to network compromise.
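The kind of check the domain password audit above describes, written here as an added Python example rather than SureCloud's own tooling: a password can satisfy the technical policy (length and character classes) and still be weak or shared between accounts. The policy thresholds, the small wordlist and the account list are constructed for illustration; a real audit would run against recovered hashes and a large cracked-password list.

```python
"""Password audit helpers: policy compliance vs. real-world weakness, plus reuse."""
from __future__ import annotations
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Assumed Active Directory-style complexity policy: 8+ chars, 3 of 4 classes.
MIN_LENGTH = 8
MIN_CLASSES = 3
# Constructed wordlist; a real audit uses large cracked/common-password lists.
COMMON_BASES = {"password", "welcome", "summer", "winter", "spring", "autumn",
                "letmein", "admin", "changeme", "monday", "qwerty"}
KEYBOARD_RUNS = ("qwerty", "asdfgh", "zxcvbn", "123456", "1qaz2wsx")
ORG_TERMS = {"examplecorp"}  # constructed: the audited organisation's own name


def char_classes(pw: str) -> int:
    """Count how many of upper / lower / digit / symbol classes are present."""
    checks = (str.isupper, str.islower, str.isdigit, lambda c: not c.isalnum())
    return sum(any(chk(c) for c in pw) for chk in checks)


def meets_policy(pw: str) -> bool:
    """True if the password satisfies the technical controls only."""
    return len(pw) >= MIN_LENGTH and char_classes(pw) >= MIN_CLASSES


def weakness_reasons(pw: str) -> list[str]:
    """Explain why a password is weak even when it passes the policy."""
    reasons = []
    lowered = pw.lower()
    # Strip the decoration users add to satisfy complexity rules ("Summer2023!").
    base = re.sub(r"[^a-z]+$", "", lowered)
    base = re.sub(r"^[^a-z]+", "", base)
    if base in COMMON_BASES:
        reasons.append(f"dictionary base word '{base}' with suffix/prefix")
    if any(run in lowered for run in KEYBOARD_RUNS):
        reasons.append("keyboard or numeric sequence")
    if any(term in lowered for term in ORG_TERMS):
        reasons.append("contains organisation name")
    if re.search(r"(19|20)\d{2}", pw):
        reasons.append("contains a year")
    return reasons


def find_reuse(accounts: dict[str, str]) -> dict[str, list[str]]:
    """Group accounts that share a password. NT hashes are unsalted, so the
    same grouping works on recovered hashes when plaintexts are not held."""
    groups: dict[str, list[str]] = defaultdict(list)
    for user, pw in accounts.items():
        groups[pw].append(user)
    return {pw: sorted(users) for pw, users in groups.items() if len(users) > 1}


@dataclass
class Finding:
    user: str
    policy_compliant: bool
    reasons: list[str] = field(default_factory=list)


def audit(accounts: dict[str, str]) -> list[Finding]:
    """Flag every account whose password is weak, reused, or non-compliant."""
    reused = {u for users in find_reuse(accounts).values() for u in users}
    findings = []
    for user, pw in accounts.items():
        reasons = weakness_reasons(pw)
        if user in reused:
            reasons.append("password shared with another account")
        if reasons or not meets_policy(pw):
            findings.append(Finding(user, meets_policy(pw), reasons))
    return findings


# Constructed sample: every entry except "erin" passes the technical policy.
SAMPLE_ACCOUNTS = {"alice": "Summer2023!", "bob": "Password1", "carol": "Summer2023!",
                   "dave": "xQ7#vLp9!mZ2", "erin": "qwerty12", "svc_backup": "Welcome1!"}

if __name__ == "__main__":
    for f in audit(SAMPLE_ACCOUNTS):
        print(f"{f.user:<11} policy_ok={f.policy_compliant!s:<5} {'; '.join(f.reasons)}")
```

Running it flags five of the six constructed accounts, four of which pass the complexity policy, which is the gap between "compliant" and "strong" that the audit is meant to surface.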
Reviewing the security of a system can extend beyond penetration testing into how the system fits within the organisation, how it is used by customers and employees, and the architectural decisions made during implementation. SureCloud can review the entire context of a given system, or subset of systems, against the best practices most relevant to your organisation.
Ranging from standards as prescriptive as PCI DSS through to your own information security management system, the results identify the full spectrum of realistic threats to the system and the overall organisation. Examples include Active Directory domain restructuring or migration, secure zone infrastructure architecture review, gap analysis, and much more.
SureCloud’s experienced team of cybersecurity consultants can help you both identify and prioritise the real threats and weaknesses facing your organisation. The team can assist at all stages of a project’s lifecycle, from the earliest conception and planning phases all the way through implementation and review.
Our experienced cybersecurity professionals can provide a second opinion on the security posture of your new architectural overhaul, assess the network security of your newly acquired business, review the code of a new mobile application, and anything in-between.
Development teams don’t always consider the most secure ways to write code, as their focus is often on delivering the product on time and with the desired functionality. SureCloud’s development team training provides advice on secure coding practices to ensure that applications don’t expose sensitive information unnecessarily, as well as guidance and assurance on secure coding best practices.
Training also covers issues commonly seen during post-deployment penetration testing, such as securely creating and configuring the application services required and ensuring permissions are sufficiently restricted (for example, creating a dedicated user account to run a specified service and ensuring its permissions follow the principle of least privilege). The same approach applies to segregating database users and roles, and to file permissions for installed thick-client applications. Training can also focus on securing source code repositories so that code which may contain sensitive information, such as that held by development consultancies with different client projects or intellectual property, is stored safely.
One of the main goals of SureCloud’s development team training service is to work alongside your development team and project managers to re-work existing processes so they align with best practices, building a strong foundation for security assurance.
Vulnerability scanning and remediation management can often be a painful process: a scanning tool is installed, and the resulting information is shared and managed via spreadsheets and other ad hoc methods. These outputs then need to be reviewed, triaged, and transcribed into another system to monitor the work being performed to fix each issue. Finally, a separate scan is performed and the results manually compared against the originals to determine whether the problem is fixed.
There is a better way: SureCloud’s vulnerability manager offers a unified interface in which the entire vulnerability lifecycle can be observed and managed, from initial detection of a vulnerability all the way through to fixing and re-scanning. Vulnerability manager can perform detection with a variety of built-in scanning engines, integrated with PCI-ASV scanning and manually-led penetration testing. All vulnerabilities can be tracked and managed within the same web interface or, where necessary, exported to spreadsheets, PDFs, and other formats.
SureCloud’s managed services also include hands-on support from our cybersecurity team, who can quickly answer any questions about the products and results, and can offer guidance and suggestions on general security topics.
Organisations that operate an Information Security Management System, or that already run or are working towards a mature security model, will incorporate security awareness training for internal staff. SureCloud’s awareness training is structured to give organisations and their employees an understanding of the common cyber and information security threats they may encounter. This training helps employees recognise these threats and respond to them confidently and appropriately, including the countermeasures that can be adopted.
User awareness training can be tailored using the results of social engineering engagements, where we will develop and deliver education specific to your organisation to correct existing issues and prepare against future attacks. All training is delivered by our cybersecurity experts, who are knowledgeable about the cyber, physical, and general security issues that companies regularly face.
SureCloud can provide general awareness training on the various types of social engineering attack (such as phishing, vishing and smishing), how to identify physical security risks (such as where controls like RFID door systems are not satisfactory), and good password practices and operational hygiene, with a focus throughout on how best to react to and manage these threats.
Threat Modelling allows organisations to understand exactly where systems fit within the context of the organisation, how these systems affect the overall security posture, and what their attack surface is. These modelling exercises improve network security by bringing together security vulnerabilities and business objectives, and by defining the countermeasures that mitigate each threat as part of a kill-chain identification exercise.
The primary output from a threat modelling exercise is an interactive diagram that can be updated and modified over time as threats and systems change. This is followed by a list of verified and testable assumptions bespoke to your organisation and environment. Each system will also have a prioritised list of threats covering both technical vulnerabilities and organisational risks.
All of these results are presented together with the actions required to validate and re-validate the findings, allowing a seamless handover to the internal team. The aim of threat modelling is not simply to provide a static diagram, but to arm your technology and security teams with the tools and information needed to continually improve the cybersecurity posture of your organisation.
SureCloud can provide a thorough review of the physical security controls in place at your organisation’s offices. Reviewing the implemented physical controls gives an overview of any weaknesses or oversights within the physical security layer that could allow an attacker to gain unauthorised access to your premises or other sensitive business locations, such as internally hosted datacentres or departments holding sensitive hard-copy documentation, for example finance or HR.
Dedicated and focused testing from our experienced security team can assess areas including, but not limited to, CCTV placement and the operational processes for monitoring it, building and door access control systems (including RFID door control), door and window locking mechanisms, and employee and visitor identification solutions.
SureCloud’s IT Health Check goes beyond simple box-ticking to provide you with a platform that demonstrates your compliance, protects your organization against risk and empowers you to achieve more.
Have a consistent approach
SureCloud provides access to its comprehensive platform so you can view all your test outputs in one tool and view historical data to perform trend analysis.
Access dynamic information
Real-time reports allow you to focus on what really matters, cutting the data to pull it through to different areas of your business, e.g. integrating penetration testing to your GRC forms.
Make your team accountable
Assign tasks to individuals while using dashboards to maintain complete oversight: view and filter status reports, click through for a more detailed breakdown, and identify potential bottlenecks.
No manual effort is required, simply run the reports you need and start inputting the remediation steps and controls required to protect your organization.
Be the best
Demonstrate your CoCo compliance, highlight the remediation actions you’ve taken along with supporting evidence, and have access to our talented team for best-practice advice.