Penetration Testing focuses on identifying vulnerabilities and weaknesses from the target systems. In 2NS’ model, penetration testing is done using automation as well as manual testing and software tools. Target systems can be for example complex software, specific servers or devices, or entire networks.
Usually, Penetration Testing projects do not focus on organization’s detection and response capability and rather focuses on discovering as many vulnerabilities as possible from the target systems.
For attacker emulation projects that also measure organization’s detection and response capability, see our Red Teaming services.
Why pentesting?
Penetration testing assists the organization to understand the impact of a security breach and evaluate risks of exploitation. In addition, Penetration Testing evaluates the effectiveness of security control used to protect critical assets and information.
Compared to a typical vulnerability assessment or scan, penetration testing focuses on exploitability answering questions such as “Can this vulnerability be exploited for privilege escalation or lateral movement”.
Examples of Penetration Testing projects done by 2NS:
Internal Penetration Testing
- Discover attack paths from the perspective of an adversary
- Reduce false positives
- Internal service discovery and vulnerability detection
- Actionable advice
- More than scanning – discovers hidden attack paths
Internal Penetration Testing focuses on discovering vulnerabilities and weaknesses in the customer’s internal networks and their services. The targets for the security testing can be for example: internal server networks, Active Directory services or a specific system.
Benefits include:
- Reduce organization’s internal attack surface.
- Gain visibility into current security gaps.
- Evaluate effectiveness of security tooling and controls.
- Prioritize fixes and understand risks.
External Penetration Testing
- Discover external attack surface from the perspective of an adversary
- Reduce false positives
- Includes OSINT and active reconnaissance to discover sensitive information such as employee information, previously breached and leaked passwords
- Actionable advice
- Service discovery and vulnerability detection
External Penetration Testing focuses on discovering vulnerabilities and weaknesses in the customer’s public facing networks and their services.
Benefits include:
- Reduce external attack surface.
- Gain visibility into current security gaps.
- Evaluate effectiveness of security tooling and controls.
- Prioritize fixes and understand risks.
Detect weak policies and misconfiguration in Active Directory and discover hidden attack paths.
Active Directory environment can be complex, and the relationships may become difficult to understand.
Benefits include:
- Gain visibility into current state of the Active Directory environment.
- Fix commonly exploited misconfigurations.
- Reduce the risk and impact of security incidents by hardening and limiting the attack surface.
- Minimize privileged access.
In Workstation and Server Hardening Reviews 2NS focuses on discovering security vulnerabilities and weaknesses or missing hardening in workstation or server builds. This helps to mitigate misconfigurations that could lead to for example privilege escalation or aid an attacker in lateral movement.
2NS utilizes automated testing to baseline the system hardening against industry-standard benchmarks. In addition, 2NS performs manual security testing to discover issues not detected by automated tooling.
Benefits include:
- Verify that workstations and servers have been hardened properly.
- Discover vulnerabilities that can cause for example privilege escalation.
- Minimize system’s attack surface.
In Network and Wireless Segmentation Testing 2NS validates that the wired and/or wireless networks have been segmented properly. If segmentation has not been done right, malicious users may for example be able to access critical services from the wireless guest Wi-Fi.
2NS methodically validates segmentation rules by testing different protocols across the different network boundaries and verifies that the network equipment has been configured to not allow attacks such as VLAN hopping.
Benefits include:
- Verify users cannot access critical systems from low-privileged networks such as guest Wi-Fi.
- Validate that network segmentation has been implemented securely.
From recon to hacking
Pentesting starts with a reconnaissance phase, during which 2NS hackers gather data from customers target systems and services and look at the existing attack surface to find the optimal attack paths.
After collecting information, 2NS’ penetration testers utilize active methods to discover vulnerabilities from the target systems and services that may for example lead to sensitive information leaking to a unauthorized party, or allow an attacker to escalate their privileges inside the environment.
Penetration testing is an effective way to evaluate a system’s security. It helps to discover vulnerabilities and weaknesses that cannot be found using automated scanning tools but rather require a hacker mindset and skills to be discovered. Target systems can range from complex business software with multiple services to building automation systems or entire networks.