How penetration testing is proposed and conducted is a critical part of overall vulnerability assessment.

The expertise of the assessors is essential to determining what combination of factors or vulnerabilities across systems might result in a successful exploit.

ecfirst works with customers on an individual basis to determine the testing most beneficial to their goals.

A primary goal for external penetration testing is to gain unauthorized, elevated access to an externally-accessible system.

Unauthorized access to other systems is pursued from this initial point, simulating real-world attack strategies.

A goal of internal network penetration testing is to gain Domain Administrator level access and to demonstrate how that access may be used to reach sensitive data without authorization.

Penetration testing provides proof of gaps in system configurations, network infrastructure, IT processes or applications.

Penetration testing can also identify ineffective practices by staff that might lead to breaches and data exposure.

Methodology—External Testing

  • Reconnaissance - discover publicly available information about the organization to assist with furthering or focusing an attack

    • Client personnel & cultural information
    • Client business terminology
    • Technical infrastructure information
  • Scanning - identify systems, services, applications and vulnerabilities that may be exploited for access

    • Network Discovery
    • Network Port & Service Identification
    • Vulnerability Identification
    • Wireless LAN Discovery/Scanning
    • Enumeration
  • Exploitation - utilizing discovered information, vulnerabilities and/or deficiencies to obtain the goal

    • Password cracking
    • Discovered credential usage
    • Manual & Automated vulnerability validation
    • Privilege escalation
    • Additional tool installation
    • Data discovery

Methodology—Internal Testing

  • Scanning - identify systems, services, applications and vulnerabilities that may be exploited for access

    • Network Discovery
    • Network Port & Service Identification
    • Vulnerability Identification
    • Wireless LAN Discovery/Scanning
    • Enumeration
  • Exploitation - utilizing discovered information, vulnerabilities and/or deficiencies to obtain the goal

    • Password cracking
    • Discovered credential usage
    • Manual & Automated vulnerability validation
    • Privilege escalation
    • Additional tool installation
    • Data discovery