Contact Us
Contact Us
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Voice Phishing

voice phishing to their own staff members or to an organisation as a whole

Read more
Complete this form to get in touch

Are you happy for Defendza to keep you informed on the latest developments in cyber security (attack reports, guidance, DIY articles)? Of course you can unsubscribe at any time. Please see our privacy policy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Overview

All we need is access to your internal network and your authorisation form to get started. Leave your domain compromise, password cracking, server build hardening assessments to us. 

Internal Network assessment can also be performed on a custom scope for instance , a range of mission critical servers, or intranet systems. No automated blind scanning is part of our methodology that would disrupt your business operations, this leads to loss of trust you have put in us.

Why you need Voice Phishing?

An internal infrastructure assessments gives you the best return on your investment to realise the information security culture within your organisation. Our security consultant will demonstrate password cracking practices showing the password culture, group policy weaknesses including account policies, password policies, password hashing policies/security settings and patching status across the estate.

Methodology

Privilege Escalation

The first level of access achieved from the "low-hanging" fruits found in previous phases does not allow full access to the underlying target. An attacker may not perform desired tasks for further activities such as password hashes retrieval, adding privileged users or tasks. Privilege escalation techniques are attempted by exploiting a bug, design flaw or configuration oversight in an operating system, or software/application to gain elevated access. This allows our security experts to perform elevated tasks that are key for lateral movement to infiltrate into the target network. 

Attack & Exploit

Using an open-source, commercial, and custom scripts, vulnerabilities that would cause no network or host level impact are targeted for exploitation. The objective here is to find higher-level privileges to achieve the highest possible access on a system. This system is then used as a base for further lateral movement in order to attempt to compromise the entire network, domain, or the agreed target. Based on the scope of the project, this access can be maintained for days to achieve further objectives or considered a completion of the assessment.

Vulnerability Analysis

The prioritised list of targets is scanned for vulnerabilities. This assessment involves checking both published as well as undocumented vulnerabilities against the target assets.  We sift through the scan results for false positives. The manual assessment ensures that only verified vulnerabilities are focused upon.

Planning

Based on the response received from the reconnaissance phase, the target list is prioritised. The priority would be based on "low-hanging" fruit that could aid in gaining a foothold within the network trivially. 

Reconnaissance and Intelligence Gathering

The first step of reconnaissance activity includes passively identifying the hosts and services visible on the Internet. This includes limited Open Source Intelligence phase. During red teaming or related offensive security projects, this exercise involves extensive information gathering about a customer's people, processes and technology in use. Research based threat intelligence is an integral part of any offensive exercise.

Overall, the aim of this phase aims to harvest as much information as possible about your organisation that would be used for later phases.

Lets talk about your security requirements 
Call Us Now

Why Defendza ?

Thorough Analysis and Reporting

Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.

Custom tools and scripts

Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.

In-house experts

Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.

Key Benefits

Our network security team is waiting
Call Us Now

Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company

Resources

Manufacturers Can’t Afford the Cyber Risks

09/06/2019

Much of the manufacturing industry has failed to take proactive steps to defend against cyber attacks—which is a notable problem considering the growing threats the industry faces