When was the last time your company performed an inventory and review of all internet-exposed systems? This is a good question to seek an answer to when you want to assess the risk of your internet presence. Systems become obsolete, and new vulnerabilities are discovered daily, which means companies must be diligent in inventorying their systems, which ports are exposed, which versions of different software are running, and map these against vulnerabilities that pose a real threat.
It is a challenging task that must be iterated at regular basis and is not always in line with the company’s prioritized goals. A common reason is a Don’t fix it if it ain’t broken a attitude in combination with prioritization of scale an growth which may leave internet-exposed system vulnerable to attacks.
What does a pentest of external infrastructure entail?
The assignment usually begins with the client providing a list of IP addresses and domain names to be reviewed. In addition to this, Shelltrail uses Open Source Intelligence sources (OSINT) to try to find more systems that may be undocumented or classified as Shadow IT.
Once the list of identified systems is deemed complete, it is verified that all targets are under the client’s security responsibility and not third-party systems. If third-party systems are involved, written approval regarding the security audit of the third-party must be submitted to Shelltrail’s security consultants.
With a complete list of legitimate targets, the testing begins where a combination of automated and manual security audits of the systems is performed. Here, techniques from all of Shelltrail’s areas of expertise are combined, such as security reviews of web applications, Windows and Linux attacks, binary exploitation, and cloud-specific attacks, to name a few.
Shelltrail’s security experts possess a broad background in cybersecurity audits, which serves well for the varied services that can be exposed on the internet.
Why and when should an external infrastructure review be performed?
As previously mentioned, new vulnerabilities are discovered daily and systems become End-of-Life, sometimes leading to the manufacturer ceasing to maintain systems with security updates. This makes it important to periodically conduct a review of internet-exposed systems to secure them before attackers find the system. Regardless of whether your company produces garden hoses or develops pharmaceuticals, your internet-exposed systems may become a target for opportunistic attackers scanning the internet.
The Result
The assignment results in a professional report where all security issues are described in a detail. The vulnerabilities described in the report are ranked from critical to low, and in combination with the client’s perceived risks, the report can be used as a priority list in which order to address the problems. It is not uncommon for the report to be used to increase the security budget for a company or to inform, for example, management that security must be prioritized.