Security Consulting

Organizations struggle to ensure safeguards are consistently applied to protect their valuable information. Inconsistencies in security measures are often attributable to variations in available security products, support tools, administration techniques and delivery mechanisms.

Herjavec Group will review your organization’s security infrastructure against the following three principles to understand the existing information technology control framework, identifying where you are most vulnerable to cyber threats and attacks:

Security Architecture
Policy, People, Process

Preventative Controls
Technology, Tools and Techniques

Detective Controls
Management, Monitoring and Review

Our Security Consulting Service offering includes:

  • Vulnerability assessments and penetration testing
  • Network security review
  • Policy assessment
  • Web application assessments
  • Firewall rule review
  • Domain password audits
  • Social engineering assessments
  • Wireless assessments
  • PCI compliance review


Network penetration testing is one of Herjavec Group’s most requested service offerings. This service is usually conducted in one of two possible scenarios:

Externally from the Internet facing the customer network

Internally in the customer network

Both scenarios are conducted to test the security measures implemented and the processes followed by the customer. Whether internal or external, penetration testing is executed in the same phases, listed below, with the goal of exploiting discovered vulnerabilities to gain control of or compromise the target.

Intelligence Gathering

Intelligence gathering builds an understanding of the organization and its Internet footprint, as well as any asset information.

  • Social Media (Twitter, Facebook, blogs)
  • Search Engine results (Google hacking, username/email harvesting, employee information)
  • Domains owned and registered by the company (mail, web, ftp and other server identification)
  • Company website (services/skills used by the company, partnerships, services provided)

Network and Application Reconnaissance

Reconnaissance is conducted to discover all live hosts and services running within the organization’s network range.

  • Port scanning (standard and non-standard ports are probed)
  • IP scanning (discovering hosts and verifying host status)
  • DNS Lookup
  • Service fingerprinting (banner grabs, response analysis, known port lookup)
  • Service enumeration (pull relevant information from open services)
  • Operating System identification

Vulnerability Discovery and Analysis

Vulnerability discovery is an interactive procedure with the customer network to discover any vulnerability that exists on the hosts found in the previous phases.

  • Service Scanning
  • Vulnerability Scanning (typically conducted with third-party tools)
  • Manual Checks
    • Based on discovered hosts and services information as well as manually researched vulnerabilities

Vulnerability Exploit and Privilege Escalation

The vulnerability exploit phase attempts to exploit the vulnerabilities discovered in the previous phase in order to gain unauthorized access to the host.

  • Vulnerability exploitation (typically remote, but not limited to remote)
    • Use of known exploitation tools
    • Use of custom-created scripts or modified third-party scripts
  • Account hash dumping (password cracking attempts can be made, hashes can be passed)
  • Escalation from low-level accounts (horizontal or vertical)
  • Shellcode injection (in vulnerable applications)