Contact Us
Contact Us
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Wireless Penetration Test

We simulate various threat scenarios that an attacker may use against your wireless network that could lead to an organisation wide breach

Find out more
Get a FREE 30 min consultation

Are you happy for Defendza to keep you informed on the latest developments in cyber security (attack reports, guidance, DIY articles)? Of course you can unsubscribe at any time. Please see our privacy policy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Portfolio

The following provides our main offerings in the wireless security domain. These are based on the customer demand we have from corporate sector. We are open to any customised requirements that your organisation may have.

Wireless Security

The most fundamental concern amongst many organisations is the wireless access possible beyond the physical perimeter of a business. This presents new challenges based on the location of the premises. Wireless networks could be the target of a curious threat actor in the car park, or an organised activity as part of cyber espionage.

At a high level, we review wireless protocols, segregation controls, network management policies, processes and procedures using black box, white box or grey box methodlogies.

Given the seemless wireless and wired connectivity and advancements in Tactics, Techniques, and Procedures (TTP), organisations must evaluate people, processes and the technology in use to avoid potential loss of Confidentiality, Integrity and/or Availability of their data.

We have a dedicated security assessments FAQ section. Read it here.

Service Offering Insights

Why choose us?

  • Extensive sector-based experience
  • Focus on service quality, insight, and client business
  • Thorough analysis and reporting to cater management and technical audience
  • Our proposals are customer centric, no fixed sales packages offered
  • Aftercare support includes debrief and help with the remediation plan

Our qualifications

Defendza as a business, as well as its consultants, are equipped with some of the best-known certifications, accreditations and qualifications globally. These include CREST, GCloud 11 Framework, ISO quality management certifications for the business and our consultants are Ex Check Team Leaders/CCT Infrastructure (2012, 2015) and Web Applications (2009,2012,2015), OSCP (Offensive Security Certified Professional), CREA (Certified Reverse Engineering Analyst), CREA (Certified Binary Auditing Expert), CISSP (Certified Information Security Systems Professional), SANS GSEC & GCIH Silver (Hacker Techniques and Incident Handling), CCNA (Cisco Certified Network Associate), CEH (Certified Ethical Hacker). 

Key benefits

Conducting regular penetration assessment offers the following benefits:

  • Assess your security controls and approach towards cyberattack preparedness
  • Manage your network based risks in a structured and organised manner.
  • Evidence of compliance with ever changing regulatory/certification requirements.
  • Assess your corporate security culture including passwords, patching, and auditing, logging and information storage practices.
  • Assuring your supply chain (suppliers, vendors) that you take the security of your data seriously.
  • Protect your client loyalty and brand image by demonstrating security adherence.

Different types of wireless security reviews

Defendza Ltd are an accredited CREST penetration testing service provider. This ensures we adhere to high technical standards and code of conduct in place by CREST. 

  • Wireless Security Assessment (Covers attack scenarios)
  • Wireless Configuration Reviews
  • Wireless Segregation Reviews

Reasons for Wireless Security Assessments

Given the role of wireless networks in today's corporate environments, it goes without saying that cyber security gaps could act as an open invitations to unauthorised users. These blind spots if left open may lead to a compromise from someone outside the company premises.

Our Approach

Our infrastructure security assessment offerings are based on extensive methodlogy we have developed with years of experience working across different sectors. It's very important that a cyber security consultancy follows an approach that delivers right returns on your investment. At a high level, our approach towards infrastructure security assessments is as follows:

Step. 1
Scoping and Customer Insight

When you decide to give us the go-ahead, our very first step is to gain insight into your motivation, so that we can advise on your real concerns. The comprehensive process we go through to understand this determines the vision for the project. At the technical level, this includes assets to be included, their fragility and importance to the environment. 

01

Step. 2
Wireless Configuration Review

A wireless configuration review involves reviewing the deployment mechanisms on the wireless clients (mobile devices, desktops, laptops) and reviewing the configuration of access point/access point solution/WLAN covering authentication, authorization, user management, rogue access point detection, signals leakage, and logging and monitoring.

02

Step. 3
Authentication

Review the authentication mechanism in place for remote desktop users. At times, some services, systems or even servers are configured only to use a weak form of authentication (such as a default or a weak password). This is inherently insecure compared to multi-factor authentication and may lead to security breaches if a user’s password is compromised. 

03

Step. 4
Segregation Controls Review

Segregation provides a restrictive boundary for various reasons. This defines access based controls protecting data by reducing the attack surface. Various checks around segregation tests are performed at network layer 2 and layer 3.

04

Step. 5
Vulnerability Analysis

The prioritised list of targets is scanned for vulnerabilities. This assessment involves checking both published as well as undocumented vulnerabilities against the target assets.  We sift through the scan results for false positives. The manual assessment ensures that only verified vulnerabilities are focused upon.

05

Step. 6
Attack & Exploit

Using an open-source, commercial, and custom scripts, vulnerabilities that would cause no network or host level impact are targeted for exploitation. The objective here is to find higher-level privileges to achieve the highest possible access on a system. This system is then used as a base for further lateral movement in order to attempt to compromise the entire network, domain, or the agreed target. Based on the scope of the project, this access can be maintained for days to achieve further objectives or considered a completion of the assessment.

06

Step. 7
Reporting

The assessment-execution phase is followed by the analysis & reporting. Defendza performs analysis on the testing output, evaluates the risk impact and likelihood of exploitation in realistic scenarios before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels. 

07

Step. 8
Communication & Debrief

We take customer communication as seriously as reporting or assessment execution. We engage with customers during all stages, and ensure that customer contacts are up to date in the language they understand. Post engagement, a free debrief is conducted to help the customers understand the weaknesses and prepare a mitigation plan.

08

Resources

Tips

Cyber Security Guidance for Online Retailers (SMEs)

Defendza's checklist-based guidance online retailers especially SMEs to provide with an overview of both basic and advanced cybersecurity measures they should implement. Overall, the guide will enable organizations to improve their cybersecurity posture, reduce security risks, avoid vulnerabilities, and enhance their resilience.

Read the Blog
Tips

Cyber Security for SMEs - Practical Approach

Defendza, a cyber security firm specialising in cyber security consulting and managed services, offers a five-point quick help cheat sheet that would help SME’s tackle the most common cyber-attacks. 

Read the Blog
Tips

Quick Guide - How to secure APIs.

Defendza, a cyber security firm specialising in cyber security consulting and managed services, offers a six-point quick help that would help SME’s tackle the most common cyber-attacks. 

Read the Blog

Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company