Security of your network is paramount in today's network centric society. With security breaches increasing in complexity and diversity, assessing the potential security risk and exposure of your corporate assets is vital to management teams.
Who should consider us?
Our assessment service is targeted at the rural service provider community. Our deep experience in the rural service provider network infrastructure, design, and services makes us a great choice for teaming with you to conduct a security assessment and report back to you what we find, so that risk can be quantified and minimized wherever possible. While we cannot guarantee your assets will be 100% safe (no one can), we certainly can help to educate and assess your team and asset posture and exposure.
Our work is considered extremely confidential and require a mutual non-disclosure to discuss and implement this service.
What areas do we look at?
- We assess both internal and external network servers, routers, switches, and other devices
- We review process and procedures
- We examine Wi-Fi Network Security
- We can include IPv6 Network Security
- We have provided technical network training since 1998, so we leverage that experience to also provide Security Training for employees.
CellStream, Inc. Security Assessment Plan (CISAP)
When you engage us to help you with your security assessment, we will use the following four-phase plan:
- Phase 0: Initial High Level Plan - a simple high level definition of the assessment. Critical to the success of the assessment and the creation of this project plan is an understanding of the general architecture of the target network and company. Therefore, two key inputs are needed:
- Completion of the CellStream, Inc. Security Assessment Questionnaire (CISAQ)
- An accurate and current Network Diagram inclusive of VLAN and IP Addressing plan
- Phase 1: Project Plan - a detailed program plan detailing what we are going to do, and how long it will take (estimated).
- Phase 2: Program Execution - here is where we actually conduct our assessment. Usually it is a combination of offsite and onsite activities.
- Phase 3: Findings / Actions Report
What is involved in the assessment?
A generic assessment can involve different areas. We will list them below, but not all these will be defined in the scope of a specific CISAP.
Social Engineering Assessment: In this assessment, attempts are made to make a person reveal sensitive information like password, business-critical data, etc. These assessments are mostly done through phone or Internet, and it targets certain helpdesks, employees & processes.
Human errors are the main causes of security vulnerability. Security standards and policies should be followed by all staff members to avoid social engineering penetration attempts. An example of these standards includes not to mention any sensitive information in the email or phone communication. Security audits can be conducted to identify and correct process flaws.
Web Application Assessment: Using software tools and methods we can verify if the application is exposed to security vulnerabilities. This type of assessment checks the security vulnerability of web apps and software programs positioned in the target environment.
Physical Penetration Assessment: Strong physical security methods are applied to protect sensitive data. This type of assessment is generally used in military and government facilities. All physical network devices and access points are tested for the possibilities of any security breach. This test is not much relevant to the scope of software testing.
Network Services Assessment: This type of assessment tests where the logical openings in the network may exist, and the assessment identifies which entry is being made in the systems on the network and checks what kind of vulnerabilities may exist. This type of assessment can be done internally (preferred) or externally.
Client-side Assessment: This type of assessment simply aims to search and exploit vulnerabilities in client-side software programs that may be used within the organization.
Remote Dial-up/War Dial Assessment: This type of assessment searches for modems in the environment and tries to log in to the systems connected through these modems by password guessing or brute-forcing.
Wireless Security Assessment: This type of assessment discovers the open, unauthorized, and less secured hotspots or Wi-Fi networks and connects through them.
What are the assessment methods used?
The assessment may use any, or all, of the following techniques:
Black Box Testing: In this approach, the tester assesses the target system, network, or process without the knowledge of its details. They just have a high level of inputs like URL or company name using which they penetrate the target environment. No code is being examined in this method.
White Box Testing: In this approach, the tester is equipped with complete details about the target environment – Systems, network, OS, IP address, source code, schema, etc. It examines the code and finds out design & development errors. It is a simulation of an internal security attack.
Grey Box Testing: In this approach, the tester has limited details about the target environment. It is a simulation of external security attacks.
What will CellStream do during the assessment?
Every network/company is a little different. So we customize exactly what we will do. That said, we will generally perform any/all of the following as per the scope of the assessment:
Data Collection: Various assessment methods including Google search are used to get target system data. One can also use the web page source code analysis technique to get more info about the system, software and plugin versions. Further, there are many free tools and services available in the market which can give you information like database or table names, DB versions, software versions, the hardware used and various third-party plugins used in the target system.
Vulnerability Assessment: Using a variety of tools, and based on the data collected, we attempt to find the security weakness in the target system. This identifies possible bad actor entry points in the target network/system. These methods are “noisy”, meaning we do not try to be stealthy. Instead we want to trigger any security mechanisms in place to attempt to stop us, and those results are as important as results that indicate weaknesses.
Actual Exploit: Not usually included as part of the assessment, these methods require special skills and techniques to launch an attack on the target system. These methods may cause outages and failures.
Assessment Report Preparation: After completion of assessments, detailed reports are prepared containing findings, both positive and negative as well as recommendations for taking corrective actions. All identified vulnerabilities and recommended corrective methods are listed in these reports.