Sample Use Cases
Automated Pen Testing
Password Strength
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Maintain confidentiality of credentials | Reduce risk of a malicious third party gaining unauthorised access to business systems and data using cracked credentials | Credential sniffing and password cracking are available in all run types, closed box and translucent box. This feature provides visibility of password robustness across the enterprise, and inbuilt remediation guidance explains how to implement improvements and retest. |
• Setting Up a New Office or Network
• M&A Activity
• Third Party Risk Assessment
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Measure security posture on change and identify gaps against policy | Change introduces risk. Whether a new network is being added, an organisational change is taking place such as a merger, or business data/network access is provided to third parties such as service providers, penetration testing allows visibility of the security posture and risk to be assessed. | Automated pen testing can be carried out as often as needed to meet requirements. This provides the flexibility to run tests on third party infrastructure as well as on internal change events. Immediate reporting provides speedy visibility allowing for gap analysis and remediation guidance. |
Testing Segmentation & Internal Firewalls
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Reduce the attack surface between network segments to the minimum required to support business needs. | Allowing only the required traffic between network segments reduces the risk of unauthorised access to services and data. | Uses the same TTPs as malicious third parties. During the discovery phase, hosts and services available across network segments can be identified and exploited. Additionally, multi-homed devices can be exploited to move laterally into other network segments. |
Active Directory Loopholes/Vulnerabilities
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Maintain a secure user repository and keep the number of administrators to the minimum required to support business needs | Maintain the robustness and hygiene of one of the most critical components in a security architecture, reducing the risk of accidental or malicious exposure of directory information and minimising over-provisioning. | Can test for numerous misconfigurations within your AD which would increase your overall risk. Examples include anonymous enumeration, circular nested groups and shadow administrators. |
Malware Injection/Detection
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Maintain system integrity. | Business systems and associated data remain protected against unauthorised access or manipulation by malware. | Once the correct privileges have been obtained, the pen testing tool will attempt to download payloads to test whether the endpoint protection blocks them or not. It then provides immediate visibility on which hosts blocked the payload and which didn't, allowing for focused and efficient remediation. |
SIEM, EDR & Other Security Alerting
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Reduce the time to detect a cyber attack. | By detecting an attack early, the window of opportunity for a malicious third party to continue an attack is decreased and risk is reduced. | Uses the same TTPs as malicious third parties rather than simulation. Throughout the attack lifecycle, alerting systems and teams are tested and tuned such that if a malicious attack was underway, confidence is increased that alerts would be triggered. |
Critical Assets Validation
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Prioritise security related budget and effort based on impact to the business. | Identifying certain assets as critical allows for prioritisation of remediation activity on those assets. They have their issues fixed first, reducing risk in the right place at the right time and increasing efficiency. | Allows you to configure your own critical assets. For example, user accounts, hosts, IP ranges, web service credentials, etc. If pen testing can successfully execute an achievement on those assets, they will be prioritised higher in the results. |
Rogue Asset Detection
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Maintain system integrity by identifying shadow IT. | Reduce the risk of unknown and unmanaged hosts accessing the network, ultimately preventing unauthorised access to business systems and data. | During the discovery phase, the pen test identifies all live hosts within the given scope, discovering hosts that are not known to the IT team and not under their management and control. |
Default Passwords Used In OEM Network Devices
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Maintain confidentiality of credentials. | Default passwords often allow administrative access to network devices allowing for full access to the device plus the ability to install software. Changing the default passwords to new, robust passwords reduces the risk of a malicious third party accessing data traversing the network as well as limiting lateral movement. | Tests network devices for default passwords based on the manufacturer. Additionally, penetration testing can attempt to brute force credentials on those network devices. |
IoT Device Security
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Maintain system integrity. | With the proliferation in IoT devices comes an increased risk of unauthorised access to the network, business systems and data. By identifying and remediating issues on those devices, this risk is reduced significantly. | Can identify IoT devices that may run embedded or even full versions of operating systems with vulnerabilities that can be used by a malicious third party, enabling tactics such as lateral movement and credential gathering to execute. |
Validate the Existing Holistic Security Stack
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Establish ROSI (return on security investment). | Gartner estimate total security spend of $133 billion by 2022. By testing using the same TTPs as malicious third parties, security investments are validated in a manner which proves they will reduce risk correctly if, unfortunately, a malicious third party successfully enters your network. | By undertaking pen testing in the same way as a malicious third party, this solution helps organisations to validate their security stack. This allows prioritisation of resources on tuning, updating or replacing security tools, increasing their effectiveness and extracting maximum value. |
Increase Testing Efficiency & Cadence
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Improved risk picture based on focused and up to date information. | Typically, pen tests are carried out manually on an annual or biannual basis. This information gets stale very quickly and risk based information used in reports is not up to date. Automation allows this cadence to be increased providing an up to date view of where the risks lie. | By applying machine speed and machine scale testing, customers benefit from results in a fraction of the time compared to manual pen testing. Automation also enables manual pen testing and red teams to focus on more specific tasks whilst the pen testing tool undertakes the tasks associated with network and infrastructure. |
Enable Continuous Security Improvement Programmes
Security Objective | Business Benefit | Testing Capability |
---|---|---|
Integrate security testing in an iterative framework which supports constant improvements. | Continuous security improvement allows for constant measurement and enhancement in overall security posture, across people, process and technology. This iterative process ultimately drives down risk on an ongoing basis. | Can be used repeatedly and consistently to benchmark the cyber resilience of an organisation's internal and cloud IaaS network. As exploits are mapped to the MITRE ATT&CK Framework, organisations gain consistent visibility of their resilience to the TTPs used by real attack groups. By increasing both the cadence and the ability to test specifically at will, an organisation is able to validate its changes in cyber resilience over time. |