Pentesting

External Penetration Testing

• Discover external attack surface from the perspective of an adversary
• Reduce false positives
• Includes OSINT and active reconnaissance to discover sensitive information such as employee information, previously breached and leaked passwords
• Actionable advice
• Service discovery and vulnerability detection

External Penetration Testing focuses on discovering vulnerabilities and weaknesses in the customer’s public facing networks and their services.

Benefits include:

• Reduce external attack surface.
• Gain visibility into current security gaps.
• Evaluate effectiveness of security tooling and controls.
• Prioritize fixes and understand risks.

Detect weak policies and misconfiguration in Active Directory and discover hidden attack paths.

Active Directory environment can be complex, and the relationships may become difficult to understand.

Benefits include:

• Gain visibility into current state of the Active Directory environment.
• Fix commonly exploited misconfigurations.
• Reduce the risk and impact of security incidents by hardening and limiting the attack surface.
• Minimize privileged access.

In Workstation and Server Hardening Reviews 2NS focuses on discovering security vulnerabilities and weaknesses or missing hardening in workstation or server builds. This helps to mitigate misconfigurations that could lead to for example privilege escalation or aid an attacker in lateral movement.

2NS utilizes automated testing to baseline the system hardening against industry-standard benchmarks. In addition, 2NS performs manual security testing to discover issues not detected by automated tooling.

Benefits include:

• Verify that workstations and servers have been hardened properly.
• Discover vulnerabilities that can cause for example privilege escalation.
• Minimize system’s attack surface.

In Network and Wireless Segmentation Testing 2NS validates that the wired and/or wireless networks have been segmented properly. If segmentation has not been done right, malicious users may for example be able to access critical services from the wireless guest Wi-Fi.

2NS methodically validates segmentation rules by testing different protocols across the different network boundaries and verifies that the network equipment has been configured to not allow attacks such as VLAN hopping.

Benefits include:

• Verify users cannot access critical systems from low-privileged networks such as guest Wi-Fi.
• Validate that network segmentation has been implemented securely.