Sustainable IT security strategy
What exactly needs to be done to ensure the security of your IT infrastructure?
To decide which measures need to be taken for the security of your IT systems, networks and applications, it is necessary to
- identify vulnerabilities in the IT system,
- verify the effectiveness of existing security mechanisms,
- identify any resulting threats,
- estimate their probability of occurrence,
- assess the damage potential and finally
- select and initiate measures to remedy the identified weaknesses or to reduce the risk potential.
With secunet's security analyses and penetration tests, all these steps can be covered from a single source.
Our secunet experts have been working as security analysts for almost 20 years.
With in-depth knowledge of network and system administration, coupled with a great deal of creativity, exceptional ingenuity and extensive experience, we reliably find the weak points through pentesting or "ethical hacking" - with or without access rights.
Professional attackers use a variety of adaptive tools to operate efficiently. Defenders who do not continuously adapt their strategies are left behind. In this secunet training, you will practice under supervision how an attacker proceeds. In one of the AD landscapes specially created for the training, you can try out hacker tools without restraint. In the process, you will learn about hackers' tools and their limits. At the same time, you will also see what traces these tools leave behind in the LAN and on the systems.
Know your Enemy
Until now, process networks have been strictly isolated as stand-alone networks and thus reliably separated from dangerous interfaces to the outside world, but also cut off from the corporate network. IT networks and industrial process networks are now growing together: data exchange must be made possible and telecontrol networks opened up. This offers attackers numerous new points of attack.
In a live process network hacking session, we will demonstrate the weak points that attackers can exploit and the attack options that exist in a network consisting of classic office IT, control network and plant control. For this purpose, we show a process network setup that clearly demonstrates the effects of attacks.
Working safely during the pandemic?
Remote Access Analyses
COVID-19-related regulations have sent many employees to home or mobile offices. In order to continue working effectively, many companies have established new access points or expanded existing ones at short notice. But how secure are these solutions? Is it better to use a VPN or should work be done via remote desktops? Are workstation systems being moved from the office to the home office, or is use-your-own-device the better solution? No matter what answers you have found, our pentesters will be happy to put your solution through its paces.
Live attack testing for optimal protection measures
Pentesting of classic IT systems
Pentests in traditional IT (e.g. server, office and DMZ networks, but also detailed analyses of individual servers) are based on the OSSTMM test model and other standards such as the OWASP Testing Guide. We offer both broad and in-depth analyses. The tests are partly automated, with a large manual component, in order to achieve the best results. When documenting the results, we pay particular attention to the traceability of the tests so that errors can be reliably reproduced after the analysis.
Analyses even in a highly sensitive environment
Testing ICS networks
With secunet's procedure model, which is specially adapted to ICS networks, customer-specific analyses can also be carried out in this sensitive environment. They range from the analysis of interfaces between office networks and ICS networks in the form of firewalls, routers and "data hubs", through the analysis of individual devices, to complex traffic and security considerations in highly available system networks. In addition to the technical depth of the analysis, particular attention is paid to protecting the production networks against unexpected side effects.
Sustainable security solutions
The golden combination of regular pentests and continuous analysis
To ensure that no new problems arise as a result of fixing the security vulnerabilities identified in the pentest, the network should be monitored in such a way that such problems are detected immediately. The Advanced Security Analytics Platform provides you with an analysis of internal and external data traffic during and especially after a pentest. It also documents the success of the implemented measures while the identified vulnerabilities are still being remediated.
A combination of regular pentests and continuous analysis turns the time-limited perspective of a pentest into a sustainable security solution that can detect anomalies such as APTs.
You define requirements, scope and approach - we advise
Our approach is based on your requirements and offers the possibility to deal with pre-defined topics in a focused way. Thus, some important decisions are already made in the preparation, for example:
- Should only the resistance of the IT infrastructure to external or internal attacks be tested (security analysis) or should it be tested how far attackers can penetrate the infrastructure and to what extent they can cause damage (penetration test)?
- Should security analysis and penetration testing be performed without knowledge of the target objects (black box), with knowledge of the internal structures of the target objects (white box) or even equipped with administrative rights (configuration analysis)?
- Do individual systems / networks need to be excluded from security analysis or penetration testing?