logo
left banner
 
  News
 


SecurityExposure launched their On Demand Services.

Events

 

We are going to present research and technologies at conferences like RSA and InfosecWorld in 2008. See us at these conferences.

 
  Infrastructure Scanning Methodology
 

One of the key ingredients of the security process is the “methodology” to process the On Demand Scan for end client or corporate. Each externally exposed device is an “asset” for the corporate and these assets can be attacked by malicious intended agents. Our job is to protect these assets by identifying vulnerabilities in timely fashion. Our methodology is focused on corporate assets and capable of addressing wide range of asset base which includes operating systems, firewall, routers, switches, web/application servers, mail, DNS etc. Here is a walk down to our methodology and approach for complete security. 

Corporate Assets Footprinting – First step of scanning process is to identify corporate asset base. It is one of the critical steps, we are having our methodology and tools to query open records, DNS servers, search engines etc. to collect and identify assets for the corporate. This asset base is to be verified by the corporate before going for next phase. This gives a bird eye view to geographically spread corporate assets over Internet. This helps us to scope out other activities as well. 

Asset Discovery – In this phase we focus on discovering all live assets of the corporate. Traditionally, one can use ICMP to detect the liveliness but it is not enough to get accurate results. We are having various other means to identify asset position such as TCP or UDP scanning with flags manipulation or limited port exposure. 

Exposure mapping for an Asset – Each identified asset will be critically reviewed for posture mapping. Before identifying threats it is imperative to determine asset’s exposure. Following steps are required to complete this step.

Port Scanning – Scanning for all TCP/UDP open ports

Services Discovery – Identifying protocol and services running on open ports

Banner Detections – Enumerating to identify version and type of services through banner grabbing. We have technology to identify disguised banners as well for some critical services.

Threat Profiling and Risk Identification – On the basis of asset posture we run threat profiling on the asset to build test cases. Each set of open ports and services mapped to list of required security tests to identify possible risks associated with the exposure.

Vulnerability Detection – We perform various security tests against target assets on the basis of threat profile. All tests are performed and their results are analyzed in automated fashion to reduce false positives.

Vulnerability Validations – Our team analyzes detected vulnerabilities and validates them for the reporting purpose. This is where human intellect and security know-how comes into action. This makes our service more comprehensive over simple automated scanning products and services.

Mitigation Strategies – On the basis of found vulnerabilities our team builds and suggests a comprehensive recommendation to mitigate identified threat. This will be consolidated for each of the detected vulnerabilities.

Policy Compliance Mapping – If corporate is looking for compliance measure and they have signed in for those services then we map results with compliance standards like ISO/BS, PCI-DSS, HIPAA and SOX. This helps auditors to identify loopholes and remediate them before actual audits.

Reporting – Finally, comprehensive report will be generated and passed to the clients. Each client will have assigned project leader from our side and if needed one can setup a call to go over reports and findings.

This is the way each cycle of On Demand scanning finishes. This helps corporate to stream line their strategic security and can have tight control over all critical assets. It is on going process and depending on their need number of scans can be asked by the client.