
Kluge Burch Zimmerling GRC Advisors: Commodity Services Specification, Penetration Testing & Application Security Assessment, January 2015


Content

1. Introduction
2. Assessment Workflow
3. Generic Penetration Testing work program
4. Penetration Testing work program for specific host types
5. Penetration Testing work program for network subnets
6. Application Security Assessment
7. Example Report

Introduction

This document outlines the work program defining the Penetration Testing and Application Security Assessment commodities available at www.dimentis.com.

| | |
|---|---|
| Method of Testing | All assessments are performed remotely over the internet. |
| Reporting Format | The report is issued in a standardized format as outlined in the appendix. |
| Assessor and Standards | Both services are offered by the partner companies indicated on our website. The assessments are performed by experienced testers and are made in accordance with common standards such as OWASP, NIST and BSI. |

Workflow

1. You select and order at the KBZ website.
2. The order is forwarded to the Assessor.
3. The Assessor confirms your order.
4. The Assessor provides you with a secure means of communication for the next steps.
5. Your identity and your ownership of the subject of evaluation are confirmed.
6. You communicate the IP addresses of the systems to be tested.
7. The Assessor agrees the details of the testing with you, such as the time of execution.
8. The Assessor performs the tests.
9. The Assessor provides the report via the secure means of communication.

Timeline:

| Stage | Duration |
|---|---|
| Order | Instantly |
| Confirmation | 1 day |
| Define Subject of Evaluation | 1 day |
| Execution | 3 days |
| Reporting | 2 days |

NB. "day" means working day, Mo-Fr.

Penetration Testing Single Hosts

Penetration Testing – Generic Assessment Program

| Phase No | Objective | Testing Steps |
|---|---|---|
| 1 | Information Gathering (I) (according to NIST, BSI) | Research information about the target system. Method: search engines, forums, tools e.g. dig, nslookup |
| 2 | Information Gathering (II) | Scan target systems and their ports to detect the services they offer. Method: Nmap, hping, other port scanners |
| 3 | Fingerprinting | Method: vulnerability scanning software such as Qualys, OpenVAS, Nessus, Nmap |
| 4 | Vulnerability Research | Research system vulnerabilities based on the information gathered. Method: vulnerability scanning software, CVE DB, VulnDB, Exploit DB |
| 5 | Verification and Exploiting | Verification and exploitation of the vulnerabilities found. Method: individually, depending on the system and the vulnerabilities found |

This Generic Assessment Program describes the basic steps for penetration testing irrespective of the host type. It assumes an approach without authentication credentials and involves manual testing and verification of the vulnerabilities found. Host-specific testing and the Application Security Assessment use this program as their starting point.

Tests for Specific Host Types

| Host Type | Testing Steps |
|---|---|
| (host type not captured in the transcript) | Manual verification: testing of logon mechanisms and forms for SQL injection and XSS; additional tests based on the OWASP Top 10 |
| Mail Server | Generic Work Program; SMTP tests, e.g. relaying; mail and malware tests (authentication credentials required: sending samples with different file extensions and test malware to check filtering); testing active protocols, e.g. POP3, IMAP, for vulnerabilities |
| DNS Server | Generic Work Program; DNS cache poisoning; DNS spoofing; DNS amplification attack; recursive queries; DNS protocol attacks and man-in-the-middle attacks; testing for data leakage via the DNS server |
| Remote Access Server, e.g. RAS, VPN, OWA (without authentication credentials) | Generic Work Program; testing the authentication platform or mechanism; transport encryption; testing for vulnerabilities against man-in-the-middle attack scenarios; testing for data leakage |
| Transfer Server (FTP, SFTP) (with authentication credentials) | Generic Work Program; testing the authentication platform or mechanism; reviewing access rights; testing for vulnerabilities against man-in-the-middle attack scenarios; testing for data leakage |
| Others | Generic Work Program; determined on a case-by-case basis depending on the subject of evaluation |

Penetration Testing Network Subnets

Subnet Testing

| | |
|---|---|
| Maximum number of hosts | 50 |
| Testing approach | Generic Work Program, steps 1-4; selection of a sample of hosts for more detailed analysis, step 5 |
| Description | Instead of choosing particular hosts, subnet testing refers to all hosts within the specified subnet. For practicability reasons subnets may not include more than 50 hosts. As it is unfeasible to test all hosts within the subnet at the same level of detail, this type of testing leaves it to the assessor to choose a sample of hosts that are considered the most vulnerable. Depending on the type of host and the outcome of the first four steps of the Generic Work Program, the assessor will perform the set of targeted tests which in his professional judgment are the most suitable. |
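The workflow asks the customer to communicate the IP addresses of the systems to be tested, and subnet testing caps a subnet at 50 hosts. The scope check below is an added example, not code from the original presentation or from KBZ or its assessors. It assumes the subnet is supplied in CIDR notation and the individual hosts as plain addresses; the function names and the sample TEST-NET addresses are constructed for illustration. It generalizes slightly beyond the slide by handling IPv6 prefixes and by rejecting duplicate, malformed and out-of-subnet host entries, which are the errors most likely to turn up in a customer-supplied list.

```python
import ipaddress

# Limit stated in the specification: a subnet may not include more than 50 hosts.
MAX_SUBNET_HOSTS = 50


def host_count(net):
    """Number of host addresses in the subnet.

    For IPv4 prefixes up to /30 the network and broadcast addresses are
    excluded; /31, /32 and IPv6 prefixes count every address.
    """
    if net.version == 4 and net.prefixlen <= 30:
        return net.num_addresses - 2
    return net.num_addresses


def validate_scope(subnet, hosts, max_hosts=MAX_SUBNET_HOSTS):
    """Check a proposed subnet scope and the host addresses the customer supplied.

    Returns a dict with 'ok' (bool), 'host_count' (int, or None when the
    subnet itself is invalid) and 'problems' (list of human-readable strings).
    Hypothetical helper written for this example; not part of the KBZ process.
    """
    problems = []
    try:
        # strict=True rejects e.g. "203.0.113.5/27": host bits are set, so the
        # scope the customer meant is ambiguous and must be clarified first.
        net = ipaddress.ip_network(subnet, strict=True)
    except ValueError as exc:
        return {"ok": False, "host_count": None,
                "problems": [f"invalid subnet {subnet!r}: {exc}"]}

    count = host_count(net)
    if count > max_hosts:
        problems.append(
            f"subnet {net} has {count} hosts, exceeding the limit of {max_hosts}")

    seen = set()
    for raw in hosts:
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            problems.append(f"invalid host address {raw!r}")
            continue
        if addr in seen:
            problems.append(f"duplicate host {addr}")
            continue
        seen.add(addr)
        # Membership is False for a mismatched IP version as well as for an
        # address outside the prefix, so both cases are reported here.
        if addr not in net:
            problems.append(f"host {addr} is outside the agreed subnet {net}")

    return {"ok": not problems, "host_count": count, "problems": problems}


if __name__ == "__main__":
    # Constructed sample scope using the TEST-NET-3 documentation range.
    result = validate_scope("203.0.113.0/26", ["203.0.113.5", "198.51.100.7"])
    print("scope accepted" if result["ok"] else "scope rejected")
    for problem in result["problems"]:
        print(" -", problem)
```

Running the block as a script prints the rejection reasons for a /26 (62 hosts, over the limit) that also lists an address from a different range; in practice the same function would gate step 6 of the workflow before the assessor agrees the execution window.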

Application Security Assessment

Application Security Assessment

| | |
|---|---|
| Description & Scope | Manual test and verification of an application using valid authentication credentials. Comprises: Generic Penetration Test of the host system (see previous pages); assessment of the application against the OWASP Top 10; further assessment depending on the effort spent in the individual case |
| Black Box Testing (Web, Mobile): application only, one operating system | Host testing if necessary; testing of the application according to the OWASP Top 10 or OWASP Mobile Top 10 respectively; supplementary tests according to the OWASP Testing Guide; exploiting as reasonable in the particular case and subject to the effort spent |
| Code Review | Review of the relevant parts of the application source code, such as session management and encoding; review according to the OWASP Code Review Guide |
| Project Full Review | Black Box Testing and Code Review combined. |

Example Report

Kluge Burch Zimmerling Ltd
GRC Advisors
Unit 4111, PO Box 6945, London W1A 6US
+44 (0) 87 097 41 164
info@kluge-partner.com
www.kluge-partner.com
Registered in England and Wales. Company No. 9044082. ICO Security No. CSN5134480. VAT No. GB 188 5540 67.
Registered Office: 22 Village Square, Stockport SK7 1AW, United Kingdom

