(a) Vulnerability Assessment:
A vulnerability assessment is the method of identifying, quantifying and ranking of vulnerabilities in a system. We provide two different types of vulnerability assessments:
An external vulnerability assessment is done from outside an organisation’s network. This test will indicate how an external attacker might be able to penetrate an organisation
An Internal vulnerability assessment is done from within an organisation’s network. This test will point out flaws that an attacker might exploit if he is inside an organisation’s network.
(b) Penetration Testing:
A penetration test involves identifying vulnerabilities in the system and then actively seeking to exploit these vulnerabilities in order to determine if they can be compromised.
This will help assess the maximum damage that can inflicted by exploiting a vulnerability. The PT can assess defense mechanisms in place & to validate devices available (Firewalls, AV’s, IDS) to prevent such attacks
There are two types of testing:
Black Box :
In this test, very limited information about the test target is provided
White Box :
In this scenario, the testers have all the background systems information of the test target
(c) Mobile Application Security Testing:
CSPF provides extensive testing of mobile applications on all platforms. We test mobile apps for security vulnerabilities and provide mitigation strategies for any vulnerabilities found.
(d) Web portal / Net-banking and E-Commerce site Testing:
We test websites and E-commerce portals for potential web application vulnerabilities. We combines standard testing methodologies with out of the box testing that uncovers vulnerabilities normally not found during methodological testing.
(e) Specialised Counter Cyber Espionage Service:
Cyber Espionage can be used by competitors to collect critical information, trade secrets, client data etc. Counter Cyber Espionage Services provided by CSPF aims to limit this by using the following methods:
• Test, Monitor and Protect critical information and servers
• Define data access roles (Stop data from reaching unnecessary people in the organisation)
• Deployment of Honeypots to learn attacker’s methodologies and targets.
• Spreading false data that might be picked up by adversaries and hence waste their resources and lead them on a wrong track.
(e) APT Analysis & Defence
APT Assessment (or) Analysis & defence for companies/banks:
An APT (Advanced Persistent Threat) attack is one where an adversary is relentlessly trying to compromise a specific target. These highly skilled and malicious hackers make use of most advanced technologies for their attacks. Unlike novice hackers who hack only when they get the opportunity, APT attackers will keep attacking till they get inside their target.
CSPF does specialised testing for APT attacks by simulating a real APT attack. This “war gaming” means making use of 0-day exploits, unusual attack vectors, social engineering etc. This will identify potential breaking points during a real APT attack.
Clients undertake APT assessments both on a pro-active basis, which then enables CSPF to set up an appropriate defence strategy , or as part of an incident response program to inform deterrence plans.
(f) Pre-emptive threat intelligence & remediation:
CSPF’s Pre-emptive threat intelligence aims to stop the attacker before the attack even begins. CSPF’s multiple sources within various security communities globally helps us to gain a perspective on originators of threats, nature of threats and the targets of such threats
CSPF has threat intelligence feeds from the darker parts of the internet that inform on major exploits/vulnerabilities likely to hit the public internet. We map attack vector-hacker profiles, existing attack patterns and match this against the technological power they may possess.
(g) Zero-day threat analysis:
0-days are one of the greatest and hardest to protect threats for an organisation. A 0-day is a security vulnerability that does not have a patch (unfixed). Their success & therefore damage rates are very high since attackers using 0-days have the least probability of detection by any firewalls/IDS/AV’s etc.
CSPF has obtained through original research and various channels well over a thousand 0-day vulnerabilities and can specifically test for these 0-days.
CSPF has 0-days in SCADA, Medical Software’s, Popular Servers & Technologies, Security Products, Desktop publishing software, Media Players and many other widely used tools and software.
A sample of the 0-days that are available can be shared with clients on request.
(h) Insider threat – attack assessment & remediation:
An organisation can be secured against all outside attackers but they are seldom secure from insider threats. An Insider Threat is either a “lone wolf” working for individual gain or a discontented/bored/threat seeking individual recruited by a competitor or an organised criminal network.
CSPF’s “Insider threat – attack assessment & remediation” program is tuned to weed out insider threats using cyber and physical analysis. We will also put tools and re-mediations in place to detect any future insider threats and limit the amount of critical information they have access to.