Mobile applications generally fall into two categories: web applications with responsive interfaces that adapt to mobile devices, and native applications built for a specific mobile platform. For the former, the web application methodology is used to identify risks in the application under review, and any web service endpoints it consumes are included in scope. Native applications need a different approach because of the way they are packaged, installed and developed. In addition to testing the application itself, the device is examined for residual data the application leaves behind after use. Data stored locally on the device is checked for the strength of any encryption applied to it and, within the scope the organisation has authorised, for how that data could be used by an attacker.
With the rapid growth of the mobile industry, mobile application security matters as much as server-side security, given how much data mobile users can reach. Even if your server-side configuration and implementation are sound, a single vulnerability in an insecure mobile application on a device can damage your organisation's reputation or create legal exposure.
A mobile application security assessment is the exercise that tells you whether your applications give malicious users a path into your infrastructure. The same applies to internal web applications: assessing them helps prevent information leakage, unauthorised access to data and the damage that insecure code can cause.
Secure web applications form the basis of any business trading on the Internet. Applications built without security in mind are a treat for online fraudsters at the application level: an attacker may be able to position himself as a man in the middle between the website's users and its server, or exploit weaknesses in the application code to his own benefit.
The main goal of an application assessment is to uncover vulnerabilities, demonstrate practically how those flaws can be exploited, and recommend how to mitigate the risks identified. Most assessments are driven by one or both of two objectives: obtaining unauthorised access, and retrieving sensitive information.
It took stakeholders worldwide a while to understand the 'why' of application security. Stakeholders, product managers, legal teams and others further up the management ladder now say they understand what is at stake for the organisation's success. Businesses with an online presence, and payment systems in particular, carry the greater risk, and the flaws uncovered at major retailers, banks and other online businesses have drawn attention to it. Demonstrating the risk in this setting is realistic: new attack vectors keep appearing while old risks remain, which encourages staff to tackle the issue before it spirals into reputational damage or legal consequences.
Defendza performs a 'zero to hero' attack with no prior knowledge of your internal network. All we need is access to your premises and your authorisation for the work. Leave the domain compromise, password cracking and secure hardening assessment to us.
This assessment can also be performed against a custom scope, for instance a range of mission-critical servers or intranet systems. Our methodology includes no blind automated scanning that could disrupt your business operations; that disruption would cost the trust you have placed in us.
An internal infrastructure assessment gives you the best return on investment for understanding the information security culture within your organisation. Our security consultant will demonstrate password cracking to show the password culture, group policy weaknesses (including account policies, password policies and password hashing settings) and the patching status across the estate.
Defendza identifies and examines issues in the parts of your infrastructure that are exposed to the internet. The assessment determines whether your internet-facing hosts and devices can be compromised by an attacker or used to reach sensitive information.
This helps you assess your position on the internet, covering your web servers, mail servers, VPNs, firewalls and any other exposed hosts. It gives you assurance that the vulnerabilities in your internet-facing infrastructure have been identified and supports your organisation's business objectives.
Defendza provides assurance through product assessments, whether the product is a compiled application used internally or an enterprise-level product. The overall goal is to find product weaknesses, demonstrate the extent of the threat they pose and help our clients address those issues.
Product assessments help you determine whether product owners or third-party vendors have developed the product with security in mind. Any issues identified give you concrete points to raise with your vendors, helping to secure both your products and theirs.
This phase covers auditing devices across a range of categories, such as video recorders, payment devices and perimeter devices. Router and firewall configurations are audited to present the attack surface of the configuration currently in place, with mitigation steps to help your network team close the gaps. PIN Entry Devices (PEDs) are assessed for configuration weaknesses that may pose a threat to your infrastructure, along with any checks mandatory for your PCI compliance.
Our analysis of the firewall policy is designed to ensure that the device is correctly configured to provide appropriate protection for the client's network behind it. We review the device configuration as well as its rule set and, where required, recommend changes to strengthen it, so that only the rules the business needs remain on the device.
This audit identifies weaknesses introduced by hand, where administrators or other employees failed to apply the intended restrictions. Misconfiguration is often the weakest link when devices are meant to be configured to an optimum level of security.
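Two of the checks a rule-set review performs are finding rules that are never reached because an earlier rule already matches everything they would, and finding permit rules so broad that they defeat the rest of the policy. The Python below is an added illustration written for this page, not Defendza's tooling or any vendor's export format: the rule set is constructed, represented as a first-match list of dictionaries, and the field names (id, action, src, dst, proto, port) are assumptions.

```python
import ipaddress

# Constructed rule set, evaluated first-match from top to bottom like most
# firewalls. Rule 30 is an any/any permit; rules 40 and 50 can never match.
SAMPLE_RULES = [
    {"id": 10, "action": "permit", "src": "10.0.0.0/8",     "dst": "10.20.0.5/32", "proto": "tcp", "port": "443"},
    {"id": 20, "action": "deny",   "src": "0.0.0.0/0",      "dst": "10.20.0.5/32", "proto": "tcp", "port": "22"},
    {"id": 30, "action": "permit", "src": "0.0.0.0/0",      "dst": "0.0.0.0/0",    "proto": "any", "port": "any"},
    {"id": 40, "action": "permit", "src": "192.168.1.0/24", "dst": "10.20.0.5/32", "proto": "tcp", "port": "3389"},
    {"id": 50, "action": "permit", "src": "10.1.1.0/24",    "dst": "10.20.0.5/32", "proto": "tcp", "port": "443"},
]


def _net(cidr):
    return ipaddress.ip_network(cidr, strict=False)


def _net_covers(wide, narrow):
    """True if the address range `narrow` lies entirely inside `wide`."""
    wide_net, narrow_net = _net(wide), _net(narrow)
    if wide_net.version != narrow_net.version:  # IPv4 and IPv6 never overlap
        return False
    return narrow_net.subnet_of(wide_net)


def _field_covers(wide, narrow):
    return wide == "any" or wide == narrow


def covers(outer, inner):
    """True if every packet matched by `inner` is also matched by `outer`."""
    return (
        _net_covers(outer["src"], inner["src"])
        and _net_covers(outer["dst"], inner["dst"])
        and _field_covers(outer["proto"], inner["proto"])
        and _field_covers(outer["port"], inner["port"])
    )


def find_shadowed(rules):
    """Return (rule id, shadowing rule id) for rules an earlier rule makes unreachable."""
    shadowed = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, rule):
                shadowed.append((rule["id"], earlier["id"]))
                break
    return shadowed


def find_overly_permissive(rules):
    """Permit rules open from anywhere to anywhere, or from anywhere on any service."""
    hits = []
    for rule in rules:
        if rule["action"] != "permit":
            continue
        src_any = _net(rule["src"]).prefixlen == 0
        dst_any = _net(rule["dst"]).prefixlen == 0
        service_any = rule["proto"] == "any" or rule["port"] == "any"
        if (src_any and dst_any) or (src_any and service_any):
            hits.append(rule["id"])
    return hits


if __name__ == "__main__":
    for rule_id, by_id in find_shadowed(SAMPLE_RULES):
        print(f"rule {rule_id} is unreachable: shadowed by rule {by_id}")
    for rule_id in find_overly_permissive(SAMPLE_RULES):
        print(f"rule {rule_id} is overly permissive")
```

The shadowing check deliberately ignores the action of the earlier rule: a permit hidden behind a broader deny is just as unreachable as one hidden behind a broader permit, and either way the rule documents an intent the device does not enforce.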
This phase reviews the hardening of the underlying build from an end-user perspective, as well as its protection against unauthenticated users. A build review assesses the security of the operating system and of any other services running on it. For a Windows build, for instance, the review presents an accurate picture of the operating system configuration (including user accounts, user restrictions and auditing) together with the applications installed on it, such as anti-virus, browsers and email clients.
A compromised server on a network can be a stepping stone for an attacker to pivot to other servers on the network.
Because of tight timelines and the nature of the testing, network-level penetration tests usually cannot assess every facet of operating system configuration. A focussed build review helps an organisation assess and prepare a benchmark OS build to use as the standard before builds are deployed across the estate. Findings from the review can be fixed once on a single gold build, rather than chasing changes across every host and server on the network.
Defendza offers wireless security assessments at every level, from a single access point to enterprise implementations such as Meraki, Aruba Networks, Cisco or any other vendor. Although wireless offers users greater flexibility, keeping it secure can be tricky, because it needs its own controls and objectives to integrate safely with the wired network.
You may be unaware of gaps in processes such as logging and monitoring, or of anonymous connections abusing your guest or corporate wireless networks. Denial-of-service attacks that take networks offline, employees using the wireless network for non-work browsing or downloads, theft of sensitive information (for instance through wireless point of sale systems), and network infections are some of the consequences of leaving wireless networks without a secure setup.
This service simulates phishing attacks against your employees to assess several practices in your organisation. Results from the campaign can be used to analyse your employees' browsing habits, their information security awareness and the effectiveness of your perimeter controls. They also provide a benchmark for improving device and mail configuration and for producing staff security awareness training content based on the weaknesses identified.
There are numerous examples of successful phishing attacks that exposed business secrets or sensitive user information to the outside world. Servers broken into, mailboxes pillaged and leaked, data stolen or destroyed and websites defaced are just some of the outcomes seen in real-world attacks. A quick Google search will show you the history of phishing attacks and their consequences.
OSINT stands for Open Source Intelligence, gathered from publicly available sources. A range of sources is used to collect, analyse and connect information: media, web-based and user-generated content, public material such as speeches, press conferences and case studies, registered authorities' databases, professional and academic sources, and many others available online. This can include employees' addresses, personal information about them or their relatives, the technologies you use (sometimes down to the version), and material retrieved from paste sites, social media or people profiling based on social media or professional networking sites.
Once you know how much information about you has been collected online, you may want to change your internal processes, from small things such as staff browsing habits, through removing metadata from documents before they are published on the organisation's website, to taking down posts that contain sensitive information.
Passwords are the first line of defence against cyber criminals, and a strong password is the first step in that defence. Using a different password for every website you use is an equally strong line of defence.
Password analysis gives you an indicator of the strength of the passwords your employees actually use. It provides assurance about whether the policies that forbid weak, common or easy-to-guess passwords, as set out in your internal password policy, are effective in practice. Using our database of leaked passwords and hardware specialised for password analysis, our consultants will give you an in-depth review of password strength based on the hashes you supply.
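As an added illustration of what such an audit does with a set of hashes (example code written for this page, not Defendza's tooling), the Python below runs a dictionary attack with a few mangling rules over a constructed account dump and then reports what the recovered passwords say about reuse and policy compliance. The hash format (unsalted SHA-1, so it runs anywhere), the account names, the passwords and the leaked-password list are all constructed assumptions; a real audit would work from directory hashes such as NTLM (MD4 over UTF-16LE) and a far larger leak corpus, but the analysis steps are the same.

```python
import hashlib
from collections import Counter, defaultdict


def digest(password, algorithm="sha1"):
    """Unsalted hex digest of a password; only the digest changes for NTLM etc."""
    return hashlib.new(algorithm, password.encode("utf-8")).hexdigest()


# Constructed account dump: username -> hash. "carol" reuses alice's password
# and "dave" uses a long passphrase that no wordlist should recover.
SAMPLE_ACCOUNTS = {
    "alice": digest("Password1"),
    "bob": digest("Summer2019!"),
    "carol": digest("Password1"),
    "dave": digest("correct-horse-battery-staple-91"),
    "svc_backup": digest("Welcome1"),
}

# Constructed stand-in for a leaked-password database (lower-case base words).
LEAKED_PASSWORDS = ["123456", "password", "welcome", "summer2019", "qwerty", "letmein"]


def mangle(word):
    """Cheap rule set mimicking how users satisfy complexity requirements."""
    bases = {word, word.capitalize(), word.upper()}
    candidates = set(bases)
    for base in bases:
        candidates.update({base + "1", base + "!", base + "1!"})
    return candidates


def crack(accounts, wordlist, algorithm="sha1"):
    """Dictionary attack. Returns {username: recovered password or None}."""
    by_hash = defaultdict(list)          # hash -> users, so each guess is hashed once
    for user, h in accounts.items():
        by_hash[h.lower()].append(user)
    found = {user: None for user in accounts}
    for word in wordlist:
        for candidate in mangle(word):
            for user in by_hash.get(digest(candidate, algorithm), ()):
                found[user] = candidate
    return found


def audit(accounts, cracked, min_length=12):
    """Summarise what the cracked set says about password culture and policy."""
    shared = defaultdict(list)           # identical hashes mean a shared password,
    for user, h in accounts.items():     # visible even when it was not cracked
        shared[h].append(user)
    reuse_groups = sorted(sorted(users) for users in shared.values() if len(users) > 1)
    recovered = {u: p for u, p in cracked.items() if p is not None}
    return {
        "total": len(accounts),
        "cracked": len(recovered),
        "cracked_pct": round(100 * len(recovered) / len(accounts), 1),
        "reuse_groups": reuse_groups,
        "below_min_length": sorted(u for u, p in recovered.items() if len(p) < min_length),
        "top_passwords": Counter(recovered.values()).most_common(3),
    }


if __name__ == "__main__":
    result = crack(SAMPLE_ACCOUNTS, LEAKED_PASSWORDS)
    for user, password in result.items():
        print(f"{user:12} {password or '<not cracked>'}")
    print(audit(SAMPLE_ACCOUNTS, result))
```

Note that every recovered password in the sample satisfies a typical "8 characters, mixed case, digit" complexity rule; that is the point of the mangling step, and why a length-based policy and a leaked-password blocklist are worth more than complexity rules alone. The reuse check works on the hashes themselves, so it reports shared passwords even for accounts the wordlist never recovers.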