NETWORK SECURITY ASSESSMENT

Network Security Assessment
Network threat modelling

Exelcius Technologies threat modelling procedure is to optimize network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. In this context, a threat is a potential or actual adverse event that may be malicious (such as a denial-of-service attack) or incidental (such as the failure of a storage device), and that can compromise the assets of an enterprise.

The purpose of Threat modelling is to identify, communicate, and understand threats and mitigation to the organisation’s stakeholder’s as early as possible. Documentation from the process provide system analyst and defenders with a complete analysis of probable attacker’s profile, the most likely attack vectors, and the assets most desired by the attacker.

Various threat modelling methodologies available, like: STRIDE, DREAD, PASTA, VAST, etc.

Below is the methodology followed by Exelcius Technologies:

  • ◈ Finalize Assessment Scope
  • ◈ Identify Threat Agent and Possible Attacks
  • ◈ Understand existing Countermeasures
  • ◈ Identify exploitable vulnerabilities
  • ◈ Prioritize identified risks
  • ◈ Identify countermeasures to reduce threat
Network penetration Testing

Exelcius Technologies primary objective for a network penetration test is to identify exploitable vulnerabilities in networks, systems, hosts and network devices (i.e.: routers, switches) before hackers are able to discover and exploit them. Network penetration testing will reveal real-world opportunities for hackers to be able to compromise systems and networks in such a way that allows for unauthorized access to sensitive data or even take-over systems for malicious/non-business purposes.

Network Penetration Testing process:

  • ◈ Information Gathering
  • ◈ Scanning
  • ◈ Fingerprinting
  • ◈ Vulnerability Scanning.
  • ◈ Exploit Verification
  • ◈ Reports
Wireless Penetration Testing

Exelcius Technologies Wireless Penetration test is an authorised hacking attempt, which is designed to detect and exploit vulnerabilities in security controls employed by a number of wireless technologies and standards, misconfigured access points, and weak security protocols

A wireless penetration test will include identifying vulnerabilities of the wireless network and providing guidance to strengthen the identified weaknesses

Approach for wireless penetration testing:

  • ◈ Scoping
  • ◈ Reconnaissance
  • ◈ Assessment
  • ◈ Reporting
  • ◈ Re-test
Network Device Configuration Assessment

Exelcius technologies Network Device Configuration Assessment activity involves a tool as well as checklist based assessment of security posture of critical networkdevices such as routers, firewalls, network IPD/ IDS, switches, etc.identifying any security weaknesses in the configuration and management of such devices.

Exelcius Technologies consultants would make use of best practices checklists and tools to conduct this activity. Interviews of Systems and Network Administrators, Information Owners and Device Custodians will be conducted to identify the current practices and analyse the gap vis-à-vis industry best practices.

Recommended Firewall Audit Process:

  • ◈ Identification of Network Devices for assessment
  • ◈ Identification for tools for assessment and checklist preparation
  • ◈ Review Change Management Process
  • ◈ Obtaining device configuration/ snapshots
  • ◈ Audit Firewall Physical and OS Security
  • ◈ Clean Up and Organize Rule Base
  • ◈ Conduct Risk Assessment and Remediate Risk
  • ◈ Ongoing Audit with tool
Network Architecture Review, Gap Assessment and Roadmap Creation

Exelcius Technologies Network Architecture Review methodology will comprehensively review the existing network infrastructure services within environment and identify methods to enhance and improve on the network infrastructure and support. A technical review of network architecture will be carried out to ensure it is capable and sufficient to meet the business needs.

Activities performed under this section can be mentioned in following four sections:

  • ◈ Review of Existing Network Infrastructure
  • ◈ Identification of important network devices, i.e. routers, switches, taps etc.
  • ◈ Technical Review
  • ◈ Policy Review w.r.t Network Infrastructure
  • ◈ Gap Assessment
  • ◈ Review & Recommendation report
  • ◈ Roadmap creation for improved infrastructure
NETWORK SECURITY