SPECIAL SERVICES
Special Vulnerability Assessments
Vulnerability Verification
Since all automated scanners produce errors, both false positives and false negatives, we take the extra step of verifying that high-impact vulnerabilities are actually present, so you don't end up wasting money and manpower chasing ghosts.
Rapid Response Vulnerability Verification
The latest Heartbleed, Meltdown, or Shellshock vulnerability is all over the news. Your vulnerability scanners don't yet have signatures for it but attackers are already exploiting vulnerable systems worldwide. It is a race against time and your staff don't have the expertise or time to test hundreds or thousands of potentially affected systems. We can jump into action right away to tell you which systems are vulnerable and need to be patched ASAP.
Privileged Accounts Mapping
Your network is incredibly complex. You have layers of Group Policy, nested Organizational Units and Active Directory Groups, each with differing access permissions. Often this leads to over-privileged accounts: accounts which have access to more than they should. These include temporary accounts whose permissions were never revoked, old service accounts that are no longer needed, and users who have changed roles but still have permissions on systems they no longer need. Over-privileged accounts are sought out by attackers. We can map out permissions in your network environment, identify areas and systems where permissions may be abused, and find over-privileged accounts that have access to sensitive data and resources they should not have access to.
Source Code Audit
Do you have a large team of software developers but lack enough security specialists to audit all the code produced? ECR Security can help by conducting a static source code analysis to find common coding mistakes that could lead to disastrous security breaches, such as using strcpy instead of strncpy or java.util.Random instead of java.security.SecureRandom. We can perform static analysis of the following languages: HTML5, VB.NET, VB6, VBScript, Python, ASP, C#, Objective-C, C++, Ruby, Java, JavaScript, PHP, Groovy, Perl, MSSQL and PL/SQL. Have your code tested by a security professional before you deploy it into production.
SCADA/ICS
We have experience with the sensitivities of legacy SCADA/ICS equipment. Your control systems need to be available 24/7, but they haven't been updated in years and you know there are vulnerabilities that, if exploited, could be devastating. How do you test the equipment without downtime? Other companies try to use the same scanning tools and techniques they use for standard network testing in a SCADA environment, only to discover that SCADA is uniquely sensitive and that the testing results in unexpected downtime or permanent system malfunctions. We calibrate our tests on offline spares prior to doing any testing in a live environment so we know it won't cause problems. Additionally, we have a specialized toolkit just for SCADA testing, including tests for some of the most widespread vulnerabilities that other security testing firms don't have. Find out what security vulnerabilities are present in your environment so you can know what steps to take to remediate the risk.
Vulnerability Report
At the conclusion of the assessment, we provide you with a detailed report covering the number of systems affected by the vulnerability, any mitigating controls in place to reduce the threat level, the potential impact to the organization, and steps to be taken to remediate the threat. Each report contains an executive summary written from a business impact point of view, in terms a non-technical executive audience can understand, with clear logic between vulnerabilities found and threats to company resources, productivity, competitive advantage, and intellectual property, including broad recommendations for changes to overall security posture and any policy-level issues uncovered. Additionally, each report will contain a technical section with detailed information about specific vulnerabilities, including CVE number for cross reference and steps to mitigate. This is all the information your IT department will need to close the loopholes uncovered during the test and prevent a real attack.
If you want more information or a price quote, please Contact Us.
Special Penetration Testing
In addition to the normal penetration test engagement types, each engagement may specifically target particular aspects of the organization's security: physical security, operational security, and network infrastructure security. In order to provide a thorough assessment of organizational risk, ECR Security offers the following specialized tests.
Red Team Testing
Your organization faces a range of threats, from bored teenagers to criminal organizations with extensive skill and resources or maybe even nation-state adversaries. Red Team testing goes beyond simply gaining access to X number of systems and focuses on gaining access to mission critical systems and data. In this type of test only a handful of key personnel in executive management and the legal department know that a test is being conducted. This is done to test incident response procedures and verify that your network defenders are checking logs and investigating alerts. The testing is focused on stealth and evasion to see if an attacker can gain access to sensitive data and systems without being detected.
Advanced Red Team Testing
The Advanced Red Team test is the most realistic type of test. It takes all the evasion and stealth of the normal Red Team test to the next level by trying to actually exfiltrate sensitive data and successfully circumvent IDS, egress filtering, and DLP protection, so every layer of defense is tested in a realistic way and you can see if there are any gaps in your security. Give us a target and see if we can gain access to your most sensitive data and intellectual property without triggering any alerts and successfully exfiltrate it from the network.
Social Engineering
Exploiting the human element of security, this is a way to test the effectiveness of organizational policies and security awareness training programs. Social engineering may include contacting employees via phone, email, or in person in an attempt to convince them to give up passwords or confidential data or download malware onto a company asset. It may also include leaving CDs or USB sticks loaded with malware in common areas to see whether users load them on their work PCs. The most common test is a simulated phishing attack where we send out emails to some or all employees to find out how many users are willing to click the simulated malicious link.
Wireless Testing
Wireless is often one of the weakest links in an organization's security, propagating to areas accessible to the public and using inadequate encryption and security controls to prevent capture of sensitive data and access to critical parts of the internal network. Wireless testing may include attempting to access the network wirelessly from public locations such as the parking lot, reception area, bathrooms, and public hallways; scanning for unauthorized wireless access points; cracking encryption keys in password-based and certificate-based authentication schemes; or setting up a rogue access point to collect logins from unwary users. Many organizations are surprised to discover that using a separate guest network, WPA2, and NAC is not enough to protect them from wireless attacks. Do you have users that move between segmented networks? Can your defenses protect against a skilled attacker with a rogue access point using a Denial of Service attack against the legitimate access point?
Physical Security
A physical security breach can quickly lead to a data breach. Physical security testing may include a tester attempting to gain entry into the facility by impersonating service personnel such as janitorial staff, tricking an employee into providing access, spoofing ID badges, cloning RFID or magstripe smart cards, tailgating, climbing fences, sneaking past guard stations, or lockpicking interior and exterior doorways. It may also include attempted evasion of security systems inside the facility such as cameras and motion sensors, emplacing rogue listening or point-of-presence devices, and attempting access to protected areas such as server rooms, network/telephony closets, and executive offices. How well do your employees follow No Tailgating policies? Do your employees use cable locks on laptops and lock the screen when they walk away? How much sensitive data can an attacker find unprotected in common areas like printer rooms?
Summary Report
At the conclusion of the penetration test, we will provide a detailed report of all activities, including systems penetrated, accounts compromised, methods used to gain access, and proof of access in the form of screenshots, passwords, and data files. Each report contains an executive summary written from a business impact point of view, in terms a non-technical executive audience can understand, with clear logic between vulnerabilities found and threats to company resources, productivity, competitive advantage, and intellectual property, including broad recommendations for changes to overall security posture and any policy-level issues uncovered. Additionally, each report will contain a technical section with detailed information about specific vulnerabilities, including CVE number for cross reference and steps to mitigate. This is all the information your IT department will need to close the loopholes uncovered during the test and prevent a real attack.
Other Special Services
3rd Party Vendors
You are considering deploying new software or hardware and want to know what the security impact might be. Let us test it for vulnerabilities first, before you make a large purchase and deploy it on your network. We will test for common flaws such as hard-coded backdoors, weak or no encryption, and static passwords. We don't need the source code or schematics and can use the software or hardware as provided by the vendor.
Incident Response
If you suspect your network may have been infiltrated by hackers, we can do a thorough investigation to find out what damage has been done and which systems were accessed, and follow the trail of breadcrumbs a hacker leaves behind as he moves from system to system. We can also purge your systems of any malware and backdoors left behind and close the holes the hacker used to get in, to make sure he stays out.
Threat Intelligence
Hacking has gone from a hobby for bored teenagers to a multi-billion dollar enterprise populated by sophisticated criminal organizations with multi-million dollar budgets devoted to acquiring highly talented malware writers and to research and development of new attack vectors. These criminal organizations often work with unscrupulous governments, which themselves have budgets for hacking in the hundreds of millions and teams of hackers, exploit writers, and malware command and control software developers in the thousands, working collaboratively to find and exploit 0-days and develop undetectable malware with which they can conduct espionage or, in some cases, more destructive information warfare operations. This symbiotic relationship between criminal organizations and unscrupulous governments has made the internet an incredibly dangerous place. Even companies which specialize in security have been hacked. Consider the following:
- Belgacom 2010 hack - Belgacom, an Internet Service Provider used by major corporations and governments, was hacked and malware was planted on their core routing network to spy on their customers.
- RSA 2011 hack - RSA, a security vendor known for encryption and two-factor authentication tokens, had their SecurID source code and seed values for thousands of hardware security tokens stolen.
- Gemalto 2011 hack - Gemalto, a security vendor known for hardware encryption, had millions of encryption keys used in cell SIM cards stolen.
- Mt.Gox 2014 hack - Mt.Gox, a bitcoin trading company, was hacked and had $460 million of bitcoin stolen. Today the value of those coins is in the billions.
- Juniper Networks 2015 hack - Juniper Networks, a vendor of enterprise-grade routers, firewalls and networking equipment, was hacked and had a backdoor implanted in the source code of their router/firewall gateway solution.
- Hacking Team 2016 hack - Hacking Team, a malware and espionage toolkit vendor working with governments worldwide, got hacked and the source code for all their malware was stolen and leaked.
- NSA Shadowbrokers 2016 hack - NSA, the world's leading "hacker" government agency, was itself hacked and source code for hundreds of malware tools and 0-day exploits was stolen and leaked.
- Wannacry 2017 attacks - Hacking tools lost by NSA were used by North Korea to shut down thousands of businesses in 150 countries.
Ordinary businesses can get caught up in information warfare operations conducted by various governments worldwide or become targets of well-funded criminal organizations out to make a payday. It is vital to know what the current threat environment is and whether your company has been targeted. We can tell you about current trends in the hacker world that may pose a threat to your organization. In addition, we can monitor dark web hacker meetups for intelligence about whether your company is currently targeted or if hackers are currently selling access to backdoors on your network or password dumps of your users. These types of real-time alerts can help your company respond appropriately to emerging threats and keep it off the front page of the New York Times.