Many organisations rely on technologies and implementations that allow remote users to connect to their network resources. These environments are commonly restrictive for security reasons such as principle or least privilege.
A breakout assessment looks to find a way to BREAKOUT of this restricted space and into other network areas, in hopes of gaining access to valuable data or carrying out some other malice task such as espionage, fraud, brand defacement, malware deployment.
It is commonplace for companies to make their traditional desktop applications accessible from the internet by publishing them through virtualisation platforms such as Citrix or VMware.
These platforms make it easy for remote partners, vendors and employees to access resources and existing desktop applications on your network.
Isolating specific environments and simplifying access is a great idea; however, bad configuration of these environments and the systems that allow the access can lead to a false sense of security, data loss and system compromise.
Laneden is experienced in breaking out of these sandbox type of environments and can help highlight areas of concern.
Providing a thorough and independent examination of your environment, Laneden will get to work identifying configuration and application functionality that could potentially allow a remote attacker to gain access to the underlying operating system either via the published applications or other resources.
Looking for weaknesses such as an escalation of privileges, authentication bypassing and generally looking for any means to break out of this restricted space and exfiltrate data.
Any flaw in the environment that could allow a malicious actor to manipulate the restricted space and its resources to their advantage.
We can provide an on-site debriefing of the findings explaining how attackers could potentially gain control of your systems and exfiltrate data.
A comprehensive report is written containing an executive summary and is consumable by anyone in the organisation regardless of their technical background.
Along with enough detail to allow you to not only understand the potential attack vectors but also concise and clear guidance on how to remediate the concerns.
Using a combination of automated and manual testing, our consultants will conduct a thorough assessment of your infrastructure, identifying vulnerabilities that may be exploitable by both authenticated and unauthenticated users across your network.
The use of automated tools and in-depth knowledge of manual testing allows us to accurately and effectively assess your infrastructure, maximising the time available.
Assessments are conducted in line with the current standards and methodologies utilised in the industry, such as those outlined in the Penetration Testing Execution Standard (PTES). Using PTES as guidance, Laneden defines our approach in six phases:
- Pre-engagement
- Intelligence Gathering
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting
- Our consultants engage with the client to discuss the scope and make certain all is in order prior to the assessment beginning
- Communications at the beginning and end of each assessment day, confirming either the assessment is starting or ending for the day.
- On-going communications from the engaged engineer, highlighting any major issues as they come across them.
- A comprehensive report is provided containing an executive summary which gets right to the point of the associated risks and is consumable by anyone in the organisation regardless of their technical background.
- Clear and concise information describing each issue to hand.
- Technical references will be provided when relevant, allowing you to gather more information on the vulnerability if required.
- Each vulnerability will be put into context and given a risk-based score. Utilising CVSS 3 scoring and relevant context you can get a real picture for each associated risk.
- Simple remediation advice, advising what is required to remediate the relevant vulnerability.
FREQUENTLY ASKED QUESTIONS
VMware describe a virtualisation platform as;
“.. many IT organizations must deploy multiple servers, each operating at a fraction of their capacity, to keep pace with today’s high storage and processing demands. The result: huge inefficiencies and excessive operating costs.”
“Virtualization relies on software to simulate hardware functionality and create a virtual computer system. This enables IT organizations to run more than one virtual system – and multiple operating systems and applications – on a single server. The resulting benefits include economies of scale and greater efficiency.”