Penetration Testing

Our penetration testing services identify existing application security flaws by imitating attackers’ real-life tactics.

Assess cross-platform security weaknesses that are not tied to a single functionality, developed feature, or team, but that may compromise the system as a whole.

A penetration test (pen-test, or PT) is hands-on testing of a computer system, network or web application to find security vulnerabilities that an attacker could abuse.

A penetration test is a time-limited assessment that is defined for a certain scope, providing best value in terms of time, budget and results. The scope may focus on:

Web Application
Testing a computer program that is delivered over the Internet, interacting with a remote server, using a web browser as its client

Client / Server Application
Testing a computer program that is installed on a user’s desktop. This software includes a user interface and frequently the processing itself takes place at the client side

Mobile Application
Testing software that operates on a mobile device, such as a smartphone or tablet, running the Android or iOS operating system

External Applications
Focusing on applications that are accessible from the public internet. The assessment can be conducted as an authenticated or an unauthenticated user

Internal Applications
Aiming at systems and internal application resources that can be accessed only by the company’s employees and other authorised individuals, from within the corporate network.

  • You will decide which applications, domains, systems, interfaces or features you would want to put through vulnerability assessments.
  • We will have a conversation about the scope, in order to refine it and focus on the areas that matter the most in terms of risk, and will provide you with the best value approach.
  • We will agree on the testing methodology, limitations, and timeframe for execution of the security assessment.
  • Our team of information security consultants in London will execute the assessment, keeping you informed and involved, including producing daily/weekly status reports.
  • We will deliver the security findings report to you. This report will describe the security vulnerabilities that were found during our assessment, including remediation procedures for your applications’ security posture enhancement.
  • We will be happy to support you at any point of your remediation process.

This process is conducted by experienced cyber security consulting experts and hacking consultants simulating real-world software hacking scenarios, by using hacker tools, techniques, and processes.

  • Annually, bi-annually or quarterly, in accordance with your company’s information security policy.
  • Following a request from a client or a business partner.
  • Before publishing new application features, functionalities, upgrades or modifications of applications’ components.
  • Prior to introducing an application to a large number of users.
  • During a cyber security audit for mergers and acquisitions (M&A).

WHITE-BOX TESTING

“The open Kimono approach”

The most comprehensive approach. Provides the penetration testers with full information about the target applications, before and during the test. This information can include access to the source code of the applications, application design and specification documentation, etc.

BLACK-BOX TESTING

“Zero knowledge”

This process simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team performing the test beforehand. Typically, the pen testers may only be given the name of the company, and its domains that are in scope for the test.

GREY-BOX TESTING

“The hybrid approach”

A combined approach, carried out with the tester having partial prior knowledge of the applications’ internal structure, their technologies, and business logic. A grey-box testing approach can be internal or external, and it speeds up the testing process, as the tester has some understanding of the company’s assets and the potential attack vectors, while maintaining a certain degree of obscurity. From a cost-effectiveness perspective, this is probably the most recommended of all three.

STEALTH-MODE TESTING

Leaves minimal traces and artefacts in the system. This method can be used to test the company’s detection, alerting, and response capabilities.

QUICK & DIRTY

A ‘mile wide and an inch deep’ approach to testing. It consists mainly of various automated scans of the applications or systems, with limited human interaction. This approach may be applied to a large scope of low-risk applications that have to be assessed in a constrained timeframe.

DELIVERABLE

  • An executive summary of the security vulnerabilities of the tested applications
  • A technical report listing the security vulnerabilities of your tested applications
  • Remediation procedures for application security enhancement
  • A statement for any interested parties that an application security assessment was conducted on the company’s applications

Secure Software Development Life Cycle (S-SDLC)

Building security into the design, maintenance and dismissal phases of the software development process.

Security must be embedded in all stages of the Software Development Life Cycle (SDLC). However, catching issues early can save costs significantly.

Applying an information security risk management process to system development, integrating security controls along the traditional system development life-cycle phases:

Initiation
Identifying the key security activities to be carried out during the development of the system; data to be collected, processed, transmitted, or retained, and all the applicable stakeholders that are involved in the development process

Acquisition/Development - Implementation
Analysing security requirements and designing the security architecture, performing security assessments, preparing secure coding guidelines and procedures

Operations/ Maintenance
Creating monitoring procedures to ensure that security is consistent with pre-established security requirements, and that any modifications to systems are processed via a security assurance process

Disposal
Ensuring that no unauthorised disclosure of sensitive data occurs during the disposal process, while preserving the vital pieces of information about the system so that some or all of the information may be reactivated in the future

  • We will learn about your development process model, whether it is Waterfall, Agile, or DevOps based, and its implementation by your software development team
  • We will conduct an SDLC focused risk assessment to define areas of concern and security deficiencies along your software delivery supply chain
  • We will provide you with a detailed gap-analysis report, and a work plan to bridge those gaps
  • We will be happy to support you at any point of your journey of bridging those gaps

This process is conducted by experienced application security architects, ex-developers, and senior information privacy consultants, working closely with your development teams and business owners.

  • When there are too many findings coming up in the penetration testing reports, and you need a holistic solution that will address the risks from their roots.
  • Whenever your company wants to review its security controls and procedures around the security of its development process, or to enhance its security-related ongoing development activities.

CODE REVIEW

Analysis of the coding practices used in the application, revealing application vulnerabilities that result from flaws in the source code of the applications.

PENETRATION TESTING

Hands-on testing of a computer system, or web application to find security vulnerabilities that an attacker could abuse.

DEVELOPERS EDUCATION

Improve your developers’ technical security skills by conducting hands-on, security-focused training sessions, in which they will learn the best practices for designing, implementing and deploying secure applications and environments.

SECURE DEVELOPMENT GUIDELINES

To limit the likelihood of security vulnerabilities caused by programmer error, developers should adhere to recommended coding guidelines. Such guidelines bring together a comprehensive set of security-specific coding best practices, targeted at the languages and technologies that are in use by the company’s developers.

DELIVERABLE

  • Secure SDLC posture gap analysis report, including an executive summary and a detailed technical description
  • Tailored recommendations and a remediation plan for the enhancement of the security controls around the software development process
  • Secure development training and its collateral, including presentation templates, a vulnerable application technical exercise, etc.
  • Technical secure development guidelines, focusing on the technologies and development frameworks that are used by your company

Secure Code Review

Your applications are as secure as the code that creates them

A code review assessment can significantly increase the cost-effectiveness of your application security validation process. A code review gives you enhanced visibility of potential vulnerabilities and flaws that stem from the design of your applications, and boosts application security.

A code review ensures that the source code is developed securely, following secure development best practices and implementing proper security controls and safeguards by design, by identifying potential security vulnerabilities and flaws.

Security code reviews are a combination of human effort supported by technology, including the following assessment methods:

Static Code Analysis
Analysing and evaluating security flaws in the code in a non-runtime environment, without executing the program. A static analysis can be conducted in very early development stages, focused on specific areas of the code rather than the whole of it, and be assisted by various automated tools that leverage reviewers’ capabilities and save time.

Dynamic Code Analysis
Analysing and evaluating security flaws in the code in a runtime environment, while executing the program, examining the interaction of the code with various components, such as databases, servers, and services. This process enables fuzz testing techniques, providing the system with invalid, unexpected, or random input data to assess the system’s outputs.

Manual Secure Code Review
A manual review of the code starts after an interview with the development team, to understand the context of the application’s business logic and to estimate the risk of an attack materialising against it and the business impact of a potential breach. The review is focused on the areas of the code which have significant importance and critical functionality, such as data inputs, financial transactions, external interfaces and the like. A manual review is a slow process; however, it introduces fewer false positives.

Automatic Secure Code Review
An automated approach to code review assessment provides greater scalability, and allows searching for hundreds of different security flaws at once. The review is conducted using industry-leading code scanning tools, both commercial and open source, and is often concentrated on the areas of the code that were developed by the company itself, rather than scanning externally provided libraries, whose security was accredited by external trusted parties.

Hybrid Secure Code Review
A combined approach in which the capabilities of code scanning tools are combined with the reviewers’ professional experience and a prior understanding of the application’s business logic, obtained through a series of interview sessions with the system’s developers. In this assessment, the scanning tools’ results are verified manually against the code and the application itself, to reduce the number of false positives that appear as findings in the final report.

  • We will learn about your software code structure, and together with you define the right scope and approach for the code review assessment, considering risks and budget
  • We receive your source code through our secure vault
  • Our team of code reviewers will conduct a code review, following the agreed scope and approach
  • We will provide you with a detailed security findings report and recommendations for the remediation of the discovered vulnerabilities in your code
  • We will be happy to support you at any point of your journey of bridging the gaps in your code security

This process is conducted by experienced application security architects, ex-developers, and senior penetration testers, working closely with your development teams and business owners.

During the development process, and after your applications were launched.

SECURE DEVELOPMENT GUIDELINES CREATION

To minimise the likelihood of security vulnerabilities caused by programmer error, developers should adhere to recommended coding guidelines. Such guidelines bring together a comprehensive set of security-specific coding best practices, targeted at the languages and technologies that are used by the company’s developers.

DELIVERABLE

  • Secure code review findings report, including an executive summary and a detailed technical findings description
  • Specific recommendations for addressing the discovered security flaws, and for enhancing the secure code development process
  • Secure development training and its collateral
  • Technical secure development guidelines, focusing on the technologies and development frameworks that are used by the company