Clients ask us to provide penetration testing as a security best practice, to meeting regulatory compliance, or to meet Board and customer expectations. While we tailor each test to our client's needs, the common denominators include:
- Understand the business drivers for the test and how the results will be used.
- Determine why the target system is important and if specific threat actors are of concern.
- Develop test hypotheses, test to confirm the hypotheses, and pursue those that seem most plausible and that appear to pose the greatest risk to the target system.
- Mimic methods used by sophisticated attackers. This requires creative, manual testing; not simply running automated tools.
- Identify vulnerabilities and their root cause (to reduce the likelihood that the vulnerability will re-emerge).
- Communicate the test results to technical and management audiences with equal emphasis given to positive findings.
KoreLogic's Penetration Testing Services
|Test Type||What We Test|
|Mobile||Mobile applications, devices, network elements and end-to-end services for mobile carriers, third party mobile service providers, and mobile applications developed by our clients.|
|Cloud||Cloud-hosted mission-critical applications, SaaS providers and public or private cloud infrastructure.|
|Web Applications||Web applications or other software to find defects such disclosure of sensitive information and vertical or horizontal privilege escalation.|
|Internal||Network devices, servers, endpoints to gauge their resistance to attack by a malicious insider or compromised internal systems, effectiveness of isolation, etc.|
|External||Public-facing systems to verify they are properly hardened for Internet-exposure.|
|Social Engineering||Targeted email phishing campaigns to attempt to harvest credentials from users, phone calls to the helpdesk impersonating employees with access problems, etc.|
|Vendor Risk Management||Testing of our clients' service providers who handle their confidential data or who have access to client IT resources.|
|Product Security||Pre-release security testing of new products to help ensure they have been properly hardened for their intended uses.|
|Red Teaming||Custom test scenarios that gauge the resistance to attacks against a client's most business-critical digital assets.|
|SCADA & ICS||Tabletop security architecture review followed by targeted assessments such as of operator workstations, test or production SCADA/Industrial Control Systems, and analysis of network connectivity and traffic between SCADA and IT environments including network isolation, proper use of encryption, and credential management.|
|IoT Testing||We test the security of IoT devices/sensors, IoT communications, IoT platforms, IoT applications/APIs/portals, and backend infrastructure including IoT-supported clouds.|
|Customized Hardware, Firmware and Embedded Software Testing||Assessing the security of any hardware, firmware or embedded software system involves a determination if it has been securely designed; that its security functions perform effectively; and it is resistant to physical and logical attack.
This typically requires threat modeling, abuse case development and testing at the application, operating system, and network layers.
KoreLogic uses a combination of testing techniques such as: hardware and software reverse engineering, network or application capture/analysis/manipulation, protocol analysis, cryptanalysis, source code examination, custom software (e.g., device driver fuzzing) written to exploit suspected vulnerabilities, etc.
To see project examples of these security tests, see Impact Stories.