External Infrastructure

WHAT IS EXTERNAL INFRASTRUCTURE

Your external infrastructure is also known as your public-facing infrastructure, is defined as all systems and services that are publicly accessible.

This is likely to include firewalls, routers, servers, and any other service which has a routable IP address. Whether it’s a cloud-based storage interface or your corporate web application they are all classed as external infrastructure.

External Infrastructure assessments identify what is possible from an external attackers’ perspective, which systems are accessible from the public domain and how they could potentially be exploited.

The general approach is to identify as much information as possible about your business or organisation. This is done using open-source intelligence (OSINT), utilising various sources of information such as email addresses, employee names and roles, potential usernames, software utilisation, directory, and folder structures, and operating systems are harvested.

“A patch that would have prevented the devastating Equifax breach had been available for months.“
“Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years“

WIRED | René Gielen, VP of Apache Struts, https://www.wired.com/story/equifax-breach-no-excuse/

The more information an assailant has, the more useful it becomes. As such, this should be addressed by any organisation that has a low-risk tolerance when it comes to cybersecurity.

Unfortunately, some aspects cannot easily be controlled; however, being aware of their existence and how the information can be weaponised goes a long way in focusing attention and dealing with areas that require it.

An automated scan is undertaken to identify any low hanging fruit, each system and each service is then manually interrogated for security concerns.

Laneden works closely with our clients to understand their drivers and build an appropriate scope of works.

We provide a thorough and independent examination of your corporate infrastructure to identify security vulnerabilities within the software, systems and network configurations.

We can provide an on-site debriefing of the findings explaining how attackers could potentially gain control of your systems and exfiltrate data.

A comprehensive report is written containing an executive summary which is consumable by anyone in the organisation regardless of their technical background.

The well-defined report contains enough detail to allow you to not only understand the potential attack vectors but also concise and clear guidance on how to either mitigate or remediate the concerns.

This vulnerability was disclosed back in March. There were clear and simple instructions of how to remedy the situation. The responsibility is then on companies to have procedures in place to follow such advice promptly

WIRED| Bas van Schaik, Researcher Semmle, https://www.wired.com/story/equifax-breach-no-excuse/

Methodology

Using a combination of automated and manual testing, our consultants will conduct a thorough assessment of your infrastructure, identifying vulnerabilities that may be exploitable by both authenticated and unauthenticated users across your network.

The use of automated tools and in-depth knowledge of manual testing allows us to accurately and effectively assess your infrastructure, maximising the time available.

Assessments are conducted in line with the current standards and methodologies utilised in the industry, such as those outlined in the Penetration Testing Execution Standard (PTES). Using PTES as guidance, Laneden defines our approach in six phases:

Pre-engagement
Intelligence Gathering
Vulnerability Analysis
Exploitation
Post Exploitation
Reporting

Deliverables

Our consultants engage with the client to discuss the scope and make certain all is in order prior to the assessment beginning

Communications at the beginning and end of each assessment day, confirming either the assessment is starting or ending for the day.

On-going communications from the engaged engineer, highlighting any major issues as they come across them.

A comprehensive report is provided containing an executive summary which gets right to the point of the associated risks and is consumable by anyone in the organisation regardless of their technical background.

Clear and concise information describing each issue to hand.

Technical references will be provided when relevant, allowing you to gather more information on the vulnerability if required.

Each vulnerability will be put into context and given a risk-based score. Utilising CVSS 3 scoring and relevant context you can get a real picture for each associated risk.

Simple remediation advice, advising what is required to remediate the relevant vulnerability.

FREQUENTLY ASKED QUESTIONS

WHAT IS THE PENETRATION TESTING EXECUTION STANDARD (PTES)

PTES is standard designed to provide both businesses and security service providers with a common understanding and framework for performing penetration testing.

WHAT IS AN EXTERNAL INFRASTRUCTURE ASSESSMENT

Generally, external infrastructure assessments or external penetration tests, look to identify security concerns within any publicly accessible server or service.

Laneden does not only look to identify known security vulnerabilities and exploit them. Our experienced engineers use open source information gathering techniques similar to those utilised by malicious actors, to identify as much information as possible on your organisation.

This information is then used to build real-life attack scenarios across vectors such as credential stuffing and password attacks. Giving you a real view of the risks associated with your public footprint.

SHOULD I CARE ABOUT EXTERNAL INFRASTRUCTURE ASSESSMENTS

Infrastructure penetration testing or vulnerability assessments can provide assurance that systems and security controls have been configured securely with best security practices in mind.

Provide assurance that no common or publicly known vulnerabilities are affecting your systems.

Help identify potential attacks vectors associated with any information you or your organisation may have publicly available.

If vulnerabilities are identified they can be remediated prior to a malicious actor taking advantage of them.

WHAT ARE THE BENEFITS OF AN EXTERNAL INFRASTRUCTURE ASSESSMENT

Common vulnerability identification and management

Potentially avoid extra costs and reputation damage due to a breach via a commonly known vulnerability

Helps identify security concerns before any malicious actors can abuse them

Provide evidence of compliance with regulatory bodies

To provide assurance to customers, suppliers and partners, proving you are taking measures to produce secure services and protect their data

Provide insight into potential risks associated with your network

Help identify publically available information that could be used to attack your organisation

Provide critical input into your risk management programs

HOW MUCH DOES AN EXTERNAL INFRASTRUCTURE ASSESSMENT COST

Assessments are priced based on the size of the relevant engagement, how many servers form the scope and any relevant complexities surrounding any scenario-driven requirements. Once requirements and drivers are understood a statement of works measured in days is produced.

The statement of works will describe the total man-days required to fulfil the engagement, priced per man day.

HOW DOES SCOPING WORK

Infrastructure assessment scoping is reasonably straight forward, our experienced consultants are able to confirm how many days would be required to complete the engagement based the amount of systems in scope.