Mobile devices
Experience has shown that mobile devices such as handheld devices for mobile order picking or cell phones are exposed to particular dangers. They can be stolen or attacked. Particular care must therefore be taken to secure these devices. The penetration testers check whether the security measures taken are sufficient for the respective application scenario. In addition to the technical measures, organizational measures are also taken into account and evaluated.
Physical penetration test
Even the strictest technical security measures against attacks via the network are quickly circumvented if a potential attacker can easily gain access to sensitive areas or physical access to industrial plants, servers or other important components. A physical penetration test focuses primarily on building access points, access control systems and monitoring measures.
Social engineering
"Social engineering" refers to attacks that are not directed against technical systems, but against people. The "quality" of such attacks and their damage potential have continued to increase in recent years. Attackers create a credible legend and use it to provoke errors on the part of employees and service providers. Malware can be infiltrated in this way. Attackers can obtain access data. Fraudsters obtain sums of money.
In this form of audit, the experienced auditors from HBSN GmbH take on the role of the attackers. The question is how the employees react to such attacks. Do they disclose confidential data? Do they allow unauthorized persons access to security areas? It is important that the checks carried out are not directed against individual employees of the company. Your data will always be treated confidentially. The aim of the audit is to identify potential for improvement that affects the entire company and not individuals. Accordingly, adapted awareness-raising measures and training courses can be designed following the audit in order to improve the security level of the entire organization in a targeted manner.
Red Team Audit
In this form of testing, the classic penetration test is combined with both the physical penetration test and social engineering in order to create an attack scenario that is as comprehensive and realistic as possible. The special feature of this test is that, as a rule, only a very small group of people on the company's side are privy to it. This makes it possible to check whether a potential attack is noticed by a security team or the IT department, whether the correct reporting and escalation channels are followed, whether an appropriate response is made promptly and, ideally, whether the attack can be successfully repelled. The objective is therefore to review the overall concept of the security measures and their interaction.
WLAN access
WLAN access points, e.g. for employees, guests or in the production area, are known to be points of entry for attackers who want to gain access to internal networks in this way. In addition to securing access to the WLAN networks, this test also checks their security against other protected network segments.
Other devices and components
There are many other important devices and components with a network connection that experience has shown are not always the focus of information security considerations. These include, for example, locking systems, intruder alarm systems, fire alarm systems, monitoring systems and many more. Specific security checks can make a valuable contribution to the overall security of the organization, especially in connection with commissioning or significant changes to the systems. We will be happy to advise you on the design of specific security checks for your systems.
Mobile app analysis
Mobile applications are increasingly being used in production and logistics. Depending on the mobile application in question, the user group may include employees and service providers. Mobile applications can be critical for business processes. These applications and the underlying systems should be checked for their resistance to attacks. The experienced auditors at HBSN GmbH evaluate the security level of mobile applications holistically. In addition to the aspects of IT security, other technical and organizational measures are also evaluated.
White box penetration test
Real attackers generally do not have detailed information about the target systems or the target organization before the reconnaissance phase. For this reason, the reconnaissance phase in a so-called black box scenario is of crucial importance for real attackers and penetration testers if the test or attack is to be successful. Accordingly, both attackers and testers invest a considerable share of the available budget in the reconnaissance phase relative to the other phases.
In white box testing, on the other hand, the testers have all the information about the system to be tested. This scenario therefore does not usually correspond to a real attack scenario. However, it should be noted that Kerckhoffs's principle of modern cryptography can also be applied to attacks against IT systems or penetration tests: encryption systems must still be secure even if all information about the system or the algorithm is known, but the key used in each case is secret. According to this principle, a system must still be secure against an attack even if the attacker has all the information about the system but does not have passwords or secret cryptographic keys. From this perspective, white-box testing is considered a sensible approach, although it does not usually correspond to a real attack scenario.
External penetration test
Publicly accessible services and devices are exposed to daily attacks and must be optimally protected so as not to provide a target. An external penetration test is primarily concerned with identifying vulnerabilities in network components, servers, services and applications that are accessible via public IP addresses. Systems with such a public IP address that are operated in your company's internal networks must be given particularly high priority: Experience shows that attackers have often enough gained access to internal networks via such systems and caused damage there. Penetration tests against public IP addresses are carried out by penetration testers both manually and with the aid of automated tools.
Web application penetration test
A web application usually represents an interface between a user and a technical system. Depending on whether it is the website, i.e. the flagship of your company, or an internal web application that fulfills a specific task, vulnerabilities in such systems can have a serious impact on your company. A successful attack on your website can also damage your company's reputation in addition to the financial consequences. A successful attack on web applications that interface with internal systems may allow an attacker to gain access to other systems and cause maximum damage. In such a scenario, the functionality of the infrastructure operated in the respective network segment is jeopardized. An attacker may also be able to gain access to sensitive company data in this way. A web application penetration test serves to uncover vulnerabilities in the technical systems through which the respective web applications are implemented. Wherever appropriate, the experienced penetration testers at HBSN GmbH also provide recommendations on how the respective vulnerabilities can be closed. In this way, your web applications and your company can also be protected against experienced attackers.
Internal penetration test
The backbone of your company is its internal network. If an attacker is able to spread here, the economic damage can quickly run into the millions. Production may also be at risk. A penetration test against the systems in the internal network can uncover security gaps and reveal vulnerabilities before they can be exploited by an attacker. Penetration tests against systems in internal networks are carried out both manually and with the aid of automated tools. This requires close coordination between the penetration testers and the relevant contacts in your IT department.
Industrial controls
The industrial control of your production systems requires the use of numerous computers. These are often not immediately recognizable as such and are hidden as small components in control cabinets. Service providers may be able to access these switchgears online. If the control computers are vulnerable, they can be a target for attackers. In this way, attackers may be able to paralyze the production of a site. Accordingly, control computers with vulnerabilities must also be identified in the internal networks of the production facilities. The vulnerabilities must be closed promptly by the responsible service providers. This also applies if the control computers cannot be reached directly via the Internet: Hardening these systems reduces the damage that attackers can cause if they have already gained access to their networks. The experienced testers at HBSN GmbH examine your control systems for dangerous threats. On request, they will take over communication with the service providers responsible for the respective control systems.
Client devices
Devices that are used by employees and have access to the internal network can be a gateway for attackers. Unintentional operating errors by employees combined with incorrect configuration of the devices can also lead to major damage. Valuable data can be lost. Sensitive company data can be compromised. The security measures taken, the configuration of the devices and the up-to-dateness of the software running on them (patch level) are checked and evaluated. It is also checked whether a user or an attacker can "break out", e.g. from terminal sessions, into other network segments that should actually be protected.
Internal server
Your company's internal servers are critical components of your business processes and must be adequately protected in order to maintain business operations. These servers ensure, for example, the operation of ERP applications, applications for monitoring and controlling technical processes (production facilities, cooling systems, building management systems), applications for merchandise management and warehouse management, for order acceptance, for invoicing, for managing customer master data and, last but not least, for internal and external communication. If an attacker succeeds in infiltrating these systems, he may jeopardize the entire business operation. When checking the internal servers, the systems are tested for known vulnerabilities and security-relevant configuration errors.
Firewalls and network segmentation
The segmentation of the various networks, such as for system control or administration, is intended to prevent the attacker from spreading to other network segments in the event of a successful attack on systems in one network segment. In this way, the damage caused by the attack is limited. Without sufficient network segmentation and the correct configuration of the firewalls used, a successful attack against individual systems can have devastating consequences for the entire company. The experienced penetration testers at HBSN GmbH check whether the individual network segments are adequately protected against attacks from other segments. They verify whether the firewall configurations are error-free and whether the firewalls are functioning correctly.
Grey box penetration test
In a grey box test, the auditor is provided with information about the systems to be tested by his contact person, insofar as the auditor needs this information to optimize the test and the client or contact person is aware of it. This procedure has the advantage that resources can be used for more detailed tests in the subsequent phases instead of for determining information during the reconnaissance phase, which may be available to the client anyway.
Grey box tests are recommended for the technical tests in order to be able to carry out the tests as efficiently as possible. This applies in particular to the testing of medical devices: When testing medical devices, close coordination between a competent contact person on the client's side and the tester is essential to ensure that the tester does not test or attack devices while they are being used for the medical care of patients.
Information about the target systems that is not available on the part of the client or the contact persons is determined by the auditors themselves, if possible, as part of the reconnaissance phase.