Penetration Testing Services
Sometimes the best defense is a good offense. As your organization engages in penetration testing by using LBMC Information Security, you’ll identify the holes in your defenses before cyber-attackers do. It’s better for your penetration testers to find a weakness than your adversaries.
LBMC Information Security is among the largest information security practices based in Tennessee. We have practical experience and credentials to adeptly perform penetration testing on your networks, systems, and applications as required by numerous compliance standards, including the Payment Card Industry Data Security Standard (PCI DSS). Penetration testing can be invasive, but our highly experienced experts know how to enumerate security weaknesses, identify and validate potential attack vectors, exploit vulnerabilities, and determine your environment’s susceptibility to attack in a way that preserves the integrity of your production systems. This makes us among the top penetration testing companies in the country.
External Penetration Testing Services
This assessment determines the security posture of your Internet-facing systems and provides recommendations to improve the existing security measures in place by assuming the perspective of a hacker. We use tools and techniques to demonstrate vulnerabilities, performing the assessment “from the outside” and attempting to gain information or identify weaknesses with no prior knowledge of the environment.
Internal Network Penetration Testing Services
Using a highly-regarded methodology for testing, our internal penetration testing process identifies any specific areas of weakness that can be exploited to obtain unauthorized access. Our process involves connecting to an active network port from within the internal network without any network authentication credentials. This provides the ability to analyze the network from the perspective of an attacker who has already gained access to your internal network through some means of physical exploitation. Analyzing the network in this way provides clients with a comprehensive picture of security risks within their private IT environment. While many organizations focus on securing their perimeter, the internal network often still has unaddressed weaknesses that could be leveraged by an attacker who has gained a foothold or a malicious insider. LBMC Information Security’s approach provides you with a clear picture of these risks.
Wireless Network Security Testing
Wireless networks have become an important part of most enterprise network environments, but they pose their own unique risks and should be included in a security assessment. LBMC will evaluate the security of your wireless networks, including penetration tests and architecture design reviews, to attempt to access sensitive information and/or leverage a wireless connection to gain access to your private network environment.
From sending fake emails with spoofed sites, to posing as callers who try to secure sensitive information, to dropping a USB drive in the office, we use a variety of techniques to gauge your company’s susceptibility to these common attack techniques. This process helps expose practices that create vulnerabilities and helps determine the vigilance and awareness of your personnel. Our service offerings are:
- Email Phishing—Crafting a tailored email message(s) that includes a link to a spoofed website. We will then send it to a specified mailing list provided by your organization.
- Phone Testing—Posing as IT or other authorized users and ask for credentials or call the help desk and attempt to get a password reset.
- USB Drops—Dropping USB sticks around public areas of facilities to get users to insert them into their computer.
- Physical Testing—Evaluating your company’s physical security controls in place to protect your network and IT assets. From piggybacking into an office to cloning ID badges, we offer a wide range of options.
Using tools and techniques that an attacker with no prior knowledge of the environment would likely use, we attempt to gain information and identify weaknesses through dynamic application security testing that could be exploited by an attacker.
To do this, our team will evaluate the security of your web application by “interacting” with it from the Internet. The scope of our testing will include manual and automated intelligent fuzzing, access controls, application logic, authentication, and session management. This manual and automated testing will be performed using commercial and/or open-source web application tools coupled with our testing team’s extensive experience in hunting and exploiting application security weaknesses across all industries. In an effort to increase code coverage and to appropriately model particular threats common to many applications, our attack simulations can be conducted from two distinct perspectives:
- No access, simulating anyone on the Internet (unauthenticated)
- Basic or limited end-user access (authenticated)
This approach provides you with a clear picture of any security weaknesses that exist in the applications, as well as the likelihood of the exploit.
Mobile Application Security Assessment
The objective of the mobile application security assessment is to evaluate the security of the in-scope applications by searching for vulnerabilities that could be exploited by an attacker. This assessment will determine the security posture of the mobile application and provide recommendations for improving its overall security. We will review both iOS and Android versions.
LBMC Information Security will evaluate the security by “interacting” with it from our own mobile devices, simulating access the public has to the application. The scope of our testing will include manual and automated intelligent fuzzing, access controls, application logic, authentication, and session management. This manual and automated testing will be performed using commercial and/or open-source web application tools coupled with our testing team’s extensive experience in hunting and exploiting application security weaknesses across all industries.
Purple-teaming is a coordinated effort between a red team (penetration testing) and a blue team (network defense) with the common goal of ensuring an organization’s controls are working effectively and as expected. Too often, the efforts of red and blue teams are segregated. The red team works hard to get into the network, and the blue team implements controls to secure it. But, without purple-teaming, the two groups rarely work collaboratively. Individually, the teams are doing their jobs, but they’re each working toward different goals. The blue team has the goal of protecting the network, and the red team has the goal of compromising it.
By adopting a common goal, the teams are no longer just identifying vulnerabilities and working based on assumptions. Instead, they’re testing controls in real-time and simulating the type of attack scenario likely to occur if an organization is attacked.
Purple Teaming examples:
- IPS/IDS Functionality
- Network Access Control (NAC)
- Events/Alerts on Recon Activity
- Endpoint Controls
- Alert Handling
- OWA/0365 Mailbox Compromises
- Password Attacks
- C2 Communications
- Privilege Escalation
- Lateral Movement
- Egress filtering
- Data Exfiltration
Our team will leverage its extensive penetration testing and incident response experience to work with your organization in selecting the appropriate controls to test, determining the expected outcome, and then designing the appropriate method to conduct the attack simulation. Security controls for external perimeters, cloud environments, and internal controls will be tested.