services description 2017

PAGE 1 OF 27 2016, Caretower Ltd Penetration Department Services Descriptions

Upload: jonathan-posner

Post on 07-Feb-2017


PAGE 2 OF 27 2016, Caretower Ltd v3.6

Table of Contents

1. Caretower Security Services
2. Services Offered By Caretower
2.1 Black Box Internal or External Network Vulnerability Assessment
2.2 White Box Internal or External Network Vulnerability Assessment
2.3 Grey Box Internal or External Network Vulnerability Assessment
2.4 Black Box Internal or External Network Penetration Test
2.5 White Box Internal or External Network Penetration Test
2.6 Grey Box Internal or External Network Penetration Test
2.7 Web Application Penetration Test
2.8 Mobile Application Penetration Test
2.9 Application Source Code Reviews
2.10 Web Application Training
2.11 Social Engineering Security Assessment
   a. External (Remote) Social Engineering Security Services
   b. Internal (Onsite) Social Engineering Security Services
2.12 Physical Security Risk Assessment
2.13 Phishing Attack Awareness Online Training
2.14 Social Engineering Awareness Training Onsite
2.15 Red Team Assessment
2.16 Wireless Grey Box Network Test
2.17 Host Build Security Audit
2.18 Firewall Security Auditing
3. About Caretower

1. Caretower Security Services

Caretower’s security services help businesses identify vulnerabilities in their security defences and provide a recommended action plan for remediation, based on industry best practices.

Caretower will assume the role of an external or internal attacker and attempt to circumvent security controls to gain access to the company’s target network or application.

Caretower takes a vendor-neutral approach to developing solutions that meet customer business requirements for scalability, reliability, performance, security, timeline and budget, with an emphasis on delivering maximum results and return on investment.

All services offered by Caretower help customers to have reliable and secure infrastructure and applications. The Caretower testing services are performed against the scoped infrastructure and/or application in a variety of different systems such as (also depending on the scope): Web, E-Mail Server, Web Applications, Database servers, Remote Access Gateways, Network devices, DNS servers etc.

Based on the selected service we will be looking into (but not limited to):

1. Missing operating system security patches.
2. Missing security patches from third party products.
3. Unsupported and outdated software.
4. Weak password policies in various services.
5. Server and host misconfiguration issues.
6. Social media exposure of the target company.
7. Proper network segmentation.
8. Secure application deployment.
9. Logical network access control implementations.
10. Perimeter Security.
11. Remote Administration.
12. DNS Segmentation.

2. Services Offered By Caretower

Caretower offers a wide portfolio of security services. Our security tests are performed by experienced penetration testing specialists who have a wealth of knowledge in diverse IT disciplines including policy, design, implementation and development. Caretower offers the following test services:

1. Black Box Internal or External Vulnerability Assessment
2. White Box Internal or External Vulnerability Assessment
3. Grey Box Internal or External Vulnerability Assessment
4. Black Box Internal or External Network Penetration Test
5. White Box Internal or External Network Penetration Test
6. Grey Box Internal or External Network Penetration Test
7. Web Application Penetration Test
8. Mobile Application Penetration Test
9. Application Source Code Reviews
10. Web Application Training
11. Social Engineering Security Assessment
   a. External (Remote) Social Engineering Security Assessment Services
   b. Internal (Onsite) Social Engineering Security Services
12. Physical Security Risk Assessment
13. Phishing Attack Awareness Online Training
14. Social Engineering Awareness Training Onsite
15. Wireless Grey Box Network Test
16. Host Build Security Audit
17. Firewall Security Auditing
18. Red Team Security Assessment

Note: All services to a certain extent are customisable.

2.1 Black Box Internal or External Network Vulnerability Assessment

A Black Box External or Internal Network Vulnerability Assessment service is a semi-automated process of proactively identifying security vulnerabilities of computing systems in the target network infrastructure in order to determine if and where a system can be exploited and/or threatened. Caretower make use of various manual verification tests and deliver a report free of false positives, with no prior knowledge of the systems or infrastructure in place. While applying this approach, the penetration tester will be assessing the network infrastructure from a remote or onsite location and will not be aware of any technologies deployed/used by the target organisation.

Note: Black Box Vulnerability assessment typically refers to the assessment of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

By purchasing a Black Box External or Internal Vulnerability Assessment, the client will receive the following service:

1. Discovery
   - Identify network topology of target company.
   - Identify/enumerate active company hosts through probing/port scanning.
   - Identify operating system using passive and active fingerprinting techniques.
   - Identify type of service per active host.
   - Gather information from social media associated with the target company (only for external test).
   - Identify target company external or internal network attack surface.

2. Test Activities
   - Perform vulnerability verification using manual testing methods.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - False positive identification of the findings.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.2 White Box Internal or External Network Vulnerability Assessment

A White Box External or Internal Network Vulnerability Assessment service is a semi-automated process of proactively identifying security vulnerabilities of computing systems in the target network infrastructure in order to determine if and where a system can be exploited and/or threatened. Caretower make use of various manual verification tests and deliver a report free of false positives. White Box external or internal vulnerability assessment occurs when external or internal attempts are made to check on vulnerabilities and adherence to policies and procedures of the target company, with the full assistance of the client.

Note: Vulnerability assessment typically refers to the assessment of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

The client in this situation would be obliged to provide us with the following information:

1. Information about the business model organisation, in order to build appropriate threat models.
2. Network diagrams with detailed external or internally exposed attack surface.
3. Technical documentation describing technologies used by the infrastructure.
4. External or internal user credentials of users with different privilege levels.

By purchasing an External or Internal Vulnerability Assessment, the client will receive the following service:

1. Discovery
   - Identify/enumerate active company hosts through probing/port scanning.
   - Identify operating system using passive and active fingerprinting techniques.
   - Identify type of service per active host.

2. Test Activities
   - Perform vulnerability verification using manual testing methods.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - False positive identification of the findings.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.3 Grey Box Internal or External Network Vulnerability Assessment

A Grey Box External or Internal Network Vulnerability Assessment service is a semi-automated process of proactively identifying security vulnerabilities of computing systems in the target network infrastructure in order to determine if and where a system can be exploited and/or threatened. Caretower make use of various manual verification tests and deliver a report free of false positives. Caretower will be assessing the client’s network with some prior knowledge of the systems or infrastructure in place. In this situation the client is obliged to provide us with an IP range and the type of the services each host has.

Note: Vulnerability assessment typically refers to the assessment of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

By purchasing an External or Internal Vulnerability Assessment, the client will receive the following service:

1. Discovery
   - Identify/enumerate active company hosts through probing/port scanning.
   - Identify operating system using passive and active fingerprinting techniques.
   - Identify type of service per active host.

2. Test Activities
   - Perform vulnerability verification using manual testing methods.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - False positive identification of the findings.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.4 Black Box Internal or External Network Penetration Test

Black Box External or Internal Network Penetration Testing occurs when external or internal attempts are made to securely penetrate network systems and defences to identify entry points and vulnerabilities with no prior knowledge of the systems or infrastructure in place. While applying this approach, the penetration tester will be assessing the network infrastructure from a remote or onsite location and will not be aware of any technologies deployed/used by the target organisation.

Note: Black Box Internal Network Penetration Testing refers to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

By purchasing a Black Box External or Internal Network Penetration Test, the client will receive the following service:

1. Discovery
   - Identify network topology of target company.
   - Identify/enumerate active company hosts through probing/port scanning.
   - Identify operating system using passive and active fingerprinting techniques.
   - Identify type of service per active host.
   - Gather information from social media associated with the target company (only for external or internal penetration test).
   - Identify target company external or internal network attack surface.

2. Test Activities
   - Vulnerability verification using manual testing methods to identify false positives.
   - Run publicly available exploit code against the vulnerable targets, in a safe and secure manner.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed, unless explicitly requested from the customer.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.5 White Box Internal or External Network Penetration Test

White Box External or Internal Network Penetration Testing occurs when external or internal attempts are made to securely penetrate network systems and defences to identify entry points and vulnerabilities with prior knowledge of the systems or infrastructure in place. White Box external or internal Penetration Testing occurs when external or internal attempts are made to check on vulnerabilities and adherence to policies and procedures of the target company, with the full assistance of the client.

Note: White Box Internal Network Penetration Testing refers to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise with full knowledge of the company systems e.g. frustrated system administrator etc.

The client in this situation would be obliged to provide us with the following information:

1. Information about the business model organisation, in order to build appropriate threat models.
2. Network diagrams with detailed external or internally exposed attack surface.
3. Technical documentation describing technologies used by the infrastructure.
4. External or internal user credentials of users with different privilege levels.

By purchasing a white box external or internal network penetration test, the client will receive the following service:

1. Discovery
   - Verify/Enumerate active company hosts through probing/port scanning.
   - Identify operating system using passive and active fingerprinting techniques.
   - Identify/Verify type of service per active host.

2. Test Activities
   - Identification/Verification of the true external or internal attack surface of the Target Company.
   - Vulnerability verification using manual testing methods.
   - Run publicly available exploit code against vulnerable targets, in a safe and secure manner.
   - Ensure minimal to no impact on the hosts.
   - Assess external or internal user access against company security policies.
   - Abuse external or internal user access, by attempting to circumvent company security controls and policies.
   - A security assessment of the network design and topology.
   - No Distributed Denial of Service/Denial of Service attacks will be performed, unless explicitly requested from the customer.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - Prioritized vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - A full risk assessment about the external or internal client will be included in the penetration test report.
   - Assess current practice against industry best practices and provide detailed remediation plan.
   - Assessment of the network design/topology will be included in the report.
   - Assessment of the external or internal user access will be included in the report.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.6 Grey Box Internal or External Network Penetration Test

Grey Box Internal or External Network Penetration Testing occurs when external or internal attempts are made to securely penetrate network systems and defences to identify entry points and vulnerabilities with some prior knowledge of the systems or infrastructure in place. In this situation the client is obliged to provide us with an IP range and the type of the services each host has.

Note: Grey Box Internal or External Network Penetration Testing refers to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

By purchasing a Grey Box External or Internal Network Penetration Test, the client will receive the following service:

1. Discovery
   - Verify/enumerate active company hosts through probing/port scanning.
   - Identify operating system using passive and active fingerprinting techniques.
   - Identify/verify type of service per active host.

2. Test Activities
   - Perform vulnerability verification using manual testing methods.
   - Run publicly available exploit code against vulnerable targets, in a safe and secure manner.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.7 Web Application Penetration Test

A Web Application Penetration Test is a method of evaluating the security of a Web Application by methodically validating and verifying the effectiveness of application security controls. A web application security test focuses only on evaluating the security of a web application. The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities. Any security issues that are found will be presented to the system owner, together with an assessment of the impact, a proposal for mitigation or a technical solution.

By purchasing a Web Application Penetration Test, the client will receive the following service:

1. Discovery
   - Analyse the Web Application Structure.
   - Understand the Web Application Design.
   - Understand the Web Application Business Logic.

2. Test Activities
   - Perform automated web application scan.
   - Perform vulnerability verification using manual testing methods.
   - Perform extensive manual Web Application security testing.
   - Run publicly available exploit code against vulnerable targets, in a safe and secure manner.
   - Try to circumvent application security controls.
   - Try to circumvent application business logic.
   - Perform security tests against OWASP top 10 risks.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2, OWASP top 10 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.8 Mobile Application Penetration Test

Whether your custom applications have been developed in-house or commissioned through a third party, time constraints and a lack of awareness around security best practice can often result in an application that puts the integrity and confidentiality of your data and systems at risk of compromise.

We provide a thorough security analysis of both common off-the-shelf and custom applications. Our security assessment specialists will examine and assess all the key components of the target application and, where appropriate, supporting infrastructure. Attention is also focused on how the application components are deployed and communicate with both the user and server environments.

By purchasing a Web Application Penetration Test, the client will receive the following service:

1. Discovery
   - Analyse the Mobile Application Structure.
   - Understand the Mobile Application Design.
   - Understand the Mobile Application Business Logic.

2. Test Activities
   - Perform automated mobile application scan.
   - Perform automated scan to the web component of the mobile application.
   - Perform vulnerability verification using manual testing methods.
   - Perform extensive manual mobile application security testing.
   - Run publicly available exploit code against the target system, in a safe and secure manner.
   - Try to circumvent web component security controls.
   - Try to circumvent web component business logic.
   - Try to circumvent mobile application security controls.
   - Try to circumvent mobile application business logic.
   - Perform security tests against OWASP Top 10 risks.
   - Perform security tests against OWASP Mobile Top 10 risks.
   - Ensure minimal to no impact on the web component.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test and IP address ranges tested.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Assess current practice against industry best practices and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.9 Application Source Code Reviews

A Source Code Review identifies the types of vulnerabilities only a software architect, developer, or tester would know. Before beginning a source code review, our consultants gain a thorough understanding of your application as well as its purpose, background, environment and framework to best identify key areas of focus.

Note: The service to a certain extent is customisable.

Our Consulting Team brings together many years of experience in software testing and architecture; therefore, once onsite, we can easily take a look at your application's architecture and immediately understand how it is intended to work; what the design implications are; what the application's strengths and weaknesses are; and, most importantly, determine risk appropriately.

By purchasing a Web Application Penetration Test, the client will receive the following service:

1. Discovery
   - Analyse the Application Structure.
   - Understand the Application Design.
   - Understand the Application Business Logic.

2. Test Activities
   - Perform Static and Dynamic code analysis.
   - Perform manual code tracing and automated testing to locate interfaces and review sanitisation of any data input or output.
   - Perform extensive manual Web Application security testing by authenticated and unauthenticated.
   - Further manual analysis will be performed to identify sections of code vulnerable to issues such as format string errors, race conditions, memory leaks, buffer overflows, integer overflows or command injection points.
   - Code will be verified for general cryptographic errors that could affect the confidentiality and integrity of data.
   - A review will be carried out to test the protection measures for sensitive data storage.
   - Manual examination will be performed on the protection mechanisms for the network traffic.
   - Try to circumvent application security controls.
   - Try to circumvent application business logic.
   - Ensure minimal to no impact on the hosts.
   - No Distributed Denial of Service/Denial of Service attacks will be performed.
   - High risk vulnerabilities will be reported during testing.

3. Reporting
   - Generate an executive summary to confirm the date of the test.
   - Include a summary report of vulnerabilities identified by host.
   - Perform supplemental research and development activities to support analysis.
   - Prioritised vulnerabilities based upon the ease of exploit, level of effort to remedy and severity of business impact.
   - Make use of the CVSSv2, OWASP top 10 scoring system and CVE numbers to categorize the identified vulnerabilities.
   - Report includes the PCI DSS pass score for each vulnerability identified.
   - Assess current practice against industry best practices (PCI DSS, OWASP, ISO/IEC 27002:2005) and provide detailed remediation plan.

4. Post Engagement Activities
   - Perform follow up conference calls and/or meetings explaining the severity of the findings.
   - Transfer knowledge through post engagement activities.

2.10 Web Application Training

Caretower provides in-house training for interested groups and companies. All of our training is designed for web developers, network administrators and security professionals who are looking to develop practical, real-world offensive security and penetration testing skills.

- How to test SSL vulnerabilities
- Session Fixation vulnerabilities and testing demos and recommendations on proper defense.
   o Session Fixation with phishing attacks
- Cross-Site Request Forgery testing demos and recommendations on proper defense.
   o GET Cross-Site Request Forgery
   o POST Cross-Site Request Forgery
- Cross-Site Scripting testing demos and recommendations on proper defense.
   o Reflective Cross Site Scripting.
   o Stored Cross Site Scripting.
   o DOM Based Cross Site Scripting.
- SQL injection testing demos and recommendations on proper defense.
   o Error Based SQL Injection.
   o Blind SQL Injection.
   o Obfuscated SQL Injection.
- Clickjacking testing demos and recommendations on proper defense.
- Combined attack demos and recommendations on proper defense.
   o Clickjacking and Cross-Site Request Forgery.
   o Clickjacking and Cross-Site Scripting.
   o Cross-Site Scripting and Open Redirects.
- Recommendations on proper encryption use in web application.

2.11 Social Engineering Security Assessment

Caretower Social Engineering Security Assessment Services involve simulating real-world

attacks to provide a current view of vulnerabilities and threats to a client environment. These

"human-based" attacks consist of impersonating a trusted individual in an attempt to gain

information and/or access to information or the client network infrastructure.

Key Features

1. Allow you to test the effectiveness of your security awareness training programs, or

lay the foundation for creating one.

2. We agree specific, measurable test objectives tailored to test specific policies and

processes within your organization.

3. We use a range of techniques including persuasion and reverse social engineering to

gain entry to your site.

4. We use different resources to gather information, including corporate website, public

search databases, jobsites, dumpster diving, public venues and physical access.

5. Final deliverable is a detailed report about the policies that were tested, and the

results of each attempt.

The following types of social engineering security attacks can be scoped and added to an

existing engagement:

a. External (Remote) Social Engineering Security Services

The external or internal social engineering security assessment(s) will begin with passive

internet reconnaissance that includes using publicly available sources, such as websites, search

engines, and DNS records. Caretower security consultants gather relevant information about

the company and employees available on the Internet such as employee names, titles, phone

numbers, and email addresses. This information will be useful when conducting the more

active social engineering security services below:

Phone-based Social Engineering Security Services: Utilizing information in the

reconnaissance phase, and impersonating a trusted individual, Caretower will make

phone calls to individuals within the organisation. The objective of these calls will be

to induce the users to divulge sensitive information over the phone in violation of

company policy.

Targeted Email "Phishing" Attack Social Engineering Security Services: Emails will be

sent to individuals and groups within the organisation in order to attempt to entice

the user to click on an external or internal link that will either attempt to gather

sensitive information or deliver a malicious payload onto their desktop system which

could include browser and operating system buffer overflows, Trojan horses and

keystroke loggers.

b. Internal (Onsite) Social Engineering Security Services

The internal social engineering security services will begin with passive Internet

reconnaissance that includes using publicly available sources, such as websites, search

engines, and DNS records, to gather relevant information such as employee names, titles, phone numbers, and email addresses:

Malicious Portable Media Social Engineering Security: USB Flash drives and CD-ROMs

with enticing labels such as "Payroll" will be left in public areas such as hallways,

restrooms and break rooms. The media will contain simulated malicious code that will

attempt to grab sensitive host information such as the network configuration, list of

running processes and a password hash dump.

Physical Security Assessment services: Caretower security consultants will perform a

high level assessment of physical security controls including:

1. Examine threats to the building

2. Identify good and poor practice

3. Access Controls Around IT Assets

4. LAN Jack Access Controls

During the course of this service, the delegates from Caretower will go through various processes to cover the main areas required for basic physical protection:

We will conduct reconnaissance of the security at the site, and then carry out a

number of penetration tests which will offer a reasonable impression of the level of

security at the building. If one is successful we will attempt to covertly gain access to

other parts of the building and attempt to gain access to sensitive information.

We will carry out checks to see how security conscious staff are at their workstation.

This will involve unlocked pedestals, drawers, access to cupboards and sensitive

information.

It should be noted that our techniques are typically non-destructive and any

potentially destructive techniques would only be attempted with the customer’s

explicit permission. Our approach may include one or more of the following:

o “Tailgating”, impersonating client or service personnel, and creating and

utilizing counterfeit badges or physical tokens in order to leverage social

engineering attacks and gain entrance to facilities.

o Attempting to photograph, record, or otherwise document sensitive material

within the client controlled environments, particularly environments

constructed to protect sensitive information.

o Removal of physical assets in settings where the flow of business is not

obstructed, but where the occurrence of such demonstrates a significant

information security risk (all assets are returned at the conclusion of the test).

2.12 Physical Security Risk Assessment

The Physical Security Risk Assessment is suggested for organisations looking for a base level

cyber security test where IT is a business enabler rather than a core deliverable. The main

objective of the risk assessment is to determine that your organisation has effectively

implemented the controls required to secure the physical area and to defend against

the most common and unsophisticated forms of physical attacks.

Caretower’s Physical Security Risk Assessment Services involve simulating real-world attacks

to provide a current view of threats to a client environment. These "human-based" attacks

consist of impersonating a trusted individual in an attempt to gain information and/or access

to information or the client network infrastructure.

During the course of this service, the delegates from Caretower will go through various processes to cover the main areas required for basic technical cyber protection:

Inspecting the site location and the current security measures in and around the site

location.

o Perimeter security: Outer fences to determine their suitability and distance

from the building. All possible entrances and exits (including vehicle and

pedestrian entrances). Lighting will be assessed.

o Operational security: Visiting/guest procedures of the operating company

and the appropriateness of information retention and information recorded.

Access to data racks and procedures for access.

o CCTV and monitoring systems: Coverage of CCTV units and alarms to ensure

that they cover all entrances/exits and that they work at night. Access to

these will also be assessed to ensure that they can only be accessed by

authorised staff, and if operated over the Internet, that appropriate security

controls have been put in place. Alert procedures to be assessed.

o Access control: Suitability of doors and biometric/card/physical key access to

areas, and creation and revocation of access. Security of the systems that

control physical access.

o Audits and logging of access: Auditing and logging of access control systems

and the security controls of this data. Storage of CCTV files, access to these.

o Personnel security: Vetting and rotas of cleaners, security guards,

maintenance staff, and 3rd parties of the data centre suppliers.

Review the current security policies and procedure documents.

Interviewing the personnel responsible for IT assets and for the site locations.

Provide evidence such as photos and video recording in the case of security risk

identified during the assessment.

Note: This includes going through the self-assessment questionnaire with the client, covering the above-mentioned areas, and verifying them.

2.13 Phishing Attack Awareness Online Training

Social engineering and Phishing awareness training can be provided through computer-based training (web based online) which enables employees to take training from any location.

It contains short modular videos, allowing employees to complete training in multiple

sessions as time permits.

Training topics can be tailored to address specific audiences.

Language options offer consistent training across your entire organisation regardless

of geography.

Two online quiz questions to test learner comprehension.

Can provide completion reports, which allow you to track completion for compliance

reporting purposes.

Note: This service can be customised as per the customer’s requirement.

2.14 Social Engineering Awareness Training Onsite

Social engineering and phishing awareness training onsite can be provided after the results of

social engineering security assessment(s), which enables employees and IT staff to review their weaknesses and areas of improvement.

This course will help you and your team understand how phishing attacks work, what

tactics cyber criminals employ, and how to spot and avoid phishing campaigns.

Alert your employees to the risks of clicking on links that can harm your organisation.

Reduce your risk of a cyber-attack due to social media tricks and phishing scams.

Educate and enlighten your employees to the risks of harmful links and attachments.

Know how to identify a phishing scam and equip others to avoid a scam if they see

one.

Educate the internal IT team with regards to how to react in real time in case of social

engineering attacks.

Note: This service can be customised as per the customer’s requirement.

2.15 Red Team Assessment

Red Team assessment is suggested for clients who would like to test their robustness

against real-time cyber-attacks. Cyber threats to an organisation can come from multiple

sources, such as criminal groups, political activists, competitors, hacktivists and even

ex-employees who have inside knowledge.

By purchasing a red team assessment, the client will receive the following:

Key Features:

Dedicated team of 3 or more experienced ethical hackers will be working on this

project.

This assessment can be open scope or objective oriented scope.

Replicates a real attacker's approach of compromising the client’s IT infrastructure.

Open source intelligence gathering about the company and its employees.

Perform external network reconnaissance and attacks.

Perform Web application penetration test if necessary.

Perform external social engineering attacks that include targeted spear phishing and

phone phishing.

Perform internal social engineering attacks.

Perform site surveillance and physical security assessment attacks.

Use covert methods to enter the office and plant a rogue device on the network.

Perform wireless network attacks if required, in order to achieve the objective of the

assessment.

Benefits:

Identifies the weakest link of the organisation’s current security defence.

Measures the security awareness among the employees and technical team.

Measures the effectiveness of the current security control products such as AV,

firewall, IDS, IPS etc.

Knowledge transfer of where detection and response could be improved.

Provides a detailed report with remediation guidance for all issues identified.

Note: This service can be customised as per the customer’s requirement.

2.16 Wireless Grey Box Network Test

Grey Box Wireless Network Penetration Testing occurs when attempts are made to securely

penetrate network systems and defences to identify entry points and vulnerabilities with some

prior knowledge of the systems or infrastructure in place. In this situation the client is obliged to provide us with an IP range and the types of services each host has.

By purchasing a Grey Box Wireless Network Penetration Test, the client will receive the following service:

1. Discovery

Verify/enumerate active company hosts through probing/port scanning.

Identify operating system using passive and active fingerprinting techniques.

Identify/verify type of service per active host.

2. Test Activities

Perform vulnerability verification using manual testing methods.

Run publicly available exploit code against vulnerable targets, in a safe and

secure manner.

Perform segmentation check between WLAN and LAN.

Identify rogue access points.

Exploit potential wireless Man in the Middle attacks.

Test wireless encryption and misconfiguration issues.

Denial of Service attacks will be performed (optional).

High risk vulnerabilities will be reported during testing.

3. Reporting

Generate an executive summary to confirm the date of the test and IP address

ranges tested.

Include a summary report of vulnerabilities identified by host.

Perform supplemental research and development activities to support

analysis.

Prioritise vulnerabilities based upon the ease of exploit, level of effort to

remedy and severity of business impact.

Make use of the CVSSv2 scoring system and CVE numbers to categorize the

identified vulnerabilities.

Assess current practice against industry best practices and provide detailed

remediation plan.

4. Post Engagement Activities

Perform follow up conference calls and/or meetings explaining the severity of

the findings.

Transfer knowledge through post engagement activities.

2.17 Host Build Security Audit

A host build security audit gives an insight into the security issues that might exist on the

sample hosts that the company provides to Caretower on the day of testing.

Activities that will be carried out during the tests are mentioned below.

1. Discovery

Analysis of the host and the current security policies.

Verify type of services active on the hosts.

Identify the applications running on the hosts.

2. Test Activities

Assess current practice against industry best practices (Center for Internet

Security).

White box methodology will be incorporated while performing the

vulnerability assessment.

Perform supplemental research and development activities to support

analysis.

Prioritise vulnerabilities based upon the ease of exploit, level of effort to

remedy, and severity of impact if exploited.

3. Reporting

Generate an executive summary to confirm the host details.

Include a summary report of vulnerabilities identified on the sample hosts.

Delivery report includes Caretower findings, analysis, and recommendations.

Assess current practice against industry best practices and provide detailed

remediation plan.

4. Post Engagement Activities

Perform follow up conference calls and/or meetings explaining the severity

of the findings.

Transfer knowledge through post engagement activities.

2.18 Firewall Security Auditing

Firewall security auditing is a mandatory task for any corporate environment: a single

erroneous rule in a firewall configuration could have a devastating impact on the risk level of

the organisation. Caretower offers a firewall auditing service to help businesses to maintain a

secure network.

Firewalls are the first line of defence for the business network, examining an endless stream

of network traffic against a set of established rules. Over time, the exponential growth in web

applications, e-commerce, communication tools, and networked business applications has led

to a similar exponential growth in the complexity of firewall rules.

In a typical organisation today, a single firewall may be configured with thousands of rules to

define network access policies and allowed services.

By purchasing a Firewall Audit, the client will receive the following service:

1. Discovery

Analysis of the host and the current security policies.

Verify type of services active on the Firewall.

Understand network design and layout (if necessary).

2. Test Activities

Retrieve and analyse firewall configuration information.

Map network interfaces to network zones.

Analyse the firewall against the organisation’s access policies (detect

violations, highlight compliance levels).

Find unused, duplicate and redundant rules (configuration optimisation)

Assess current practice against industry best practices and provide detailed

remediation plan.

3. Reporting

Generate an executive summary to confirm the host details.

Include a summary report of vulnerabilities identified on the Firewall.

Delivery report includes Caretower findings, analysis, and recommendations.

Provide detailed remediation plan.

4. Post Engagement Activities

Perform follow up conference calls and/or meetings explaining the severity of

the findings.

Transfer knowledge through post engagement activities.

3. About Caretower

Why Caretower?

As an independent IT security specialist, Caretower provide comprehensive solutions to individual problems, thus allowing our recommendations to be unbiased. Over the years, Caretower has quickly established many long standing relationships with all of our vendors, achieving the highest status within these organisations based on the level of expertise within our internal sales, support and professional services teams. This relationship ensures we provide our customers with key changes within the industry which assists in their on-going security management strategy.

Following over 10 years of consistent business growth, Caretower has reached the position of market leader in network security and protection. With a capacity to design and implement business-ready solutions and a management team committed to customer satisfaction, we have fortified our position as one of Europe’s leading value added resellers.

Caretower has always believed that service and support are the keys to a strong relationship with our customers and this has ensured that we not only supply our security products, but also offer additional services such as onsite demonstrations, installations, training, audits and health checks.

Accreditations and Membership

As one of Europe’s leading I.T. Security Specialists, we are committed to providing a high standard

of Penetration Testing and as such have achieved numerous accreditations and memberships of

professional organisations including the following:

Want to find out how we can help support and protect your business?

Speak to your dedicated Caretower Account Manager today or you can call/e-mail:

0208 372 1000 / [email protected] / www.caretower.com