Modern technical security threats range from common malware infections and dedicated attacks on critical applications and IT infrastructure to sly client-side intrusions and wireless, embedded and mobile hacking. The attackers may be external or internal, and can resort to lateral approaches like social engineering to gain a foothold for further intrusion. Their motivation can range from direct financial gain to dissatisfaction with working conditions, personal revenge, gaining competitive advantage, or political hacktivism.
Advanced technical security risk management services provided by our experienced, highly professional team ensure that
This means all your IT security worries are fully addressed in a timely manner.
These risks can arise from outsiders with no access (a typical cybercriminal), or from abuse of the legitimate access provided to customers, telecommuters, partner organisations or vendors. Hence, when performing external security assessments, Arhont can take either a Black Hat (no access and minimal information about the auditee provided), a Grey Hat (unprivileged access and limited information about the auditee provided), or a combined approach.
External information security assessments provided by Arhont typically amount to a full penetration test using both industry standard and proprietary automated and manual testing methodologies, and privilege escalation if a perimeter breach is achieved. Upon completion of the assessment, a detailed report will be produced, complemented with an in-depth risk analysis and a description of flexible, affordable solutions for every uncovered issue (prioritised within the supplied risk reduction plan). If needed, our specialists can assist your team with implementing these solutions and with a further re-test to verify their effectiveness.
This amounts to establishing the potential damage an internally connected attacker can do, and verifying the effectiveness of the countermeasures in place to stop this from happening. Internal technical security aspects are frequently overlooked, with network defences centred exclusively on the perimeter, which violates the whole concept of modern multilayer defence. There is little point in reinforcing city walls and gates if the enemy is already within.
There are many scenarios in which attackers already have local access to internal resources. Typical cases include disgruntled employees or contractors, industrial espionage, physical intruders, wireless attackers, and hackers who managed to breach the secure perimeter. The latter does not always presume a successful frontal attack against perimeter defences: there are many lateral ways to establish a foothold without even touching them. These ways may involve client-side attacks against web browsers, malware spreading through e-mail, instant messengers and other networked applications, or via removable media and mobile devices, and social engineering of all kinds. Hence, security-vigilant organisations should be prepared to face attackers on their own ground, within the secure network perimeter.
An internal security audit emulates various types of internal attacks with the aim of checking and improving this level of preparedness. As such, the internal assessment is a logical continuation and culmination of all other audit types, including physical, wireless and social engineering testing. However, because auditors have full access to internal networks during the assessment, additional network- and system-centric testing methodologies are used to establish the relevant risks.
These are particularly relevant for online retailers and service provisioning companies; however, more and more organisations from all backgrounds rely heavily upon web applications and portals to support key business operations.
Application security testing is the process of actively evaluating software to ensure that it has been designed, produced, tested, configured and deployed according to the best up-to-date software development security practices and recommendations. All elements of the assessed applications are analysed for various security-relevant design weaknesses and configuration flaws at the exposed interface and within the code itself. Then the real impact of any uncovered issues is evaluated, and a thorough analysis of the associated risks and the means to mitigate them is performed.
Our specialists take a systematic, step-by-step approach to find and document as many software security gaps as possible while avoiding false positives. We analyse application architecture, logic, running environment, authentication, session and user management, input/output validation, and more, employing a variety of advanced proprietary and industry standard (such as OWASP) techniques.
Modern wireless security flaws often lead to the following problems:
The main difference between wireless security audits and their wired infrastructure assessment counterparts lies in the blurred perimeter of wireless networks (hence it is neither external nor internal!), and in the need for the auditors to understand wireless communications and specific wireless network and security protocols.
Being pioneers of wireless security and authors of the very first book on wireless penetration testing, Arhont can offer comprehensive wireless security assessments uncovering any related risks and offering realistic mitigation solutions. Even if a company does not officially use any wireless networks, this does not mean it is not subject to wireless security risks unless it bans all wireless-enabled devices, does not have remote workers, and does not send staff on business trips. So, having at least a snapshot wireless security audit is a good way to ensure that your sensitive data are not leaking out via wireless security gaps, and that such gaps cannot be abused to obtain difficult-to-detect side-channel access to your internal resources.
Our experts can assist you with collecting, analysing and reporting on digital data in a way that is legally admissible. This service can be used not only in detection, investigation and prevention of cybercrime, but also in any dispute where evidence is stored electronically.
More recently, commercial organisations have extensively used computer forensics and related incident management services to their benefit in a variety of cases such as
Arhont will do more than assist you with correctly identifying the root cause of a security incident, its perpetrators and their specific actions, and with gathering, handling and submitting digital evidence without chain of custody violations. We see each incident as a straightforward demonstration of an existing information security risk and will work with your company to reduce it so that similar incidents will not happen in the future.