Assessments of critical assets should take place on an annual basis to identify both known and unknown services and risk. Assessments offered by 4D5A Security use industry trusted security tools and tactics for multiple types of assessments. A blind external assessment of all 65,535 ports on a server typically takes 10-16 hours of total time. Discounts may be available for 50+ hours of assessment hours and/or new customers.
Blind External Vulnerability Assessment
A comprehensive assessment of all ports on a server to identify both known (to the client) and possibly unknown open and filtered ports and associated services. This includes banner checks and associated vulnerabilities to identify potential risk to any external actor attempting reconnaissance or exploitation on an external host. Blind External Scans do not include attempted intrusion, exploitation, or other forms of infiltration. Any areas of moderate to critical risk concern found in an assessment include recommendations for mitigation of risk. A penetration test may also be implemented with tools such as MetaSploit to attempt exploitation. An informed external vulnerability assessment is similar to a blind external vulnerability assessment but is limited to specific ports.
Internal Vulnerability Assessment
Internal assessments are an excellent follow on to an external assessment, for external facing assets, to validate findings and further map out areas of risk management opportunity. Internal assessments have many options from which to select as well as customization to meet your unique business needs:
Internal vulnerability assessments of specific ports or services for validation of an external vulnerability assessment report
comprehensive scan of all ports and services
validation of service pack levels and other details on a host (authentication required)
credentials cracking to identify non-compliant or weakly defended passwords in use
network topology and architecture
admin auditing: who has admin, and to what, and how should roles and responsibilities be managed for optimal risk management
policy management: reviewing policy, performing interviews, and providing recommendations for improved security governance
social engineering assessments of trusted insiders, including longitudinal metrics, to lower user based risk
Web Application Security Assessment
A web application security assessment involves an in-depth security review of a web application and web services. This assessment involves a comprehensive set of test cases to review an application for common web vulnerabilities such as SQL injection, cross-site scripting (XSS), sensitive information disclosure, input sanitization, session management issues, weak encryption, and intricate business logic flaws. Web applications are the front door to your enterprise, make sure they’re secure.
Mobile Application Security Assessment
A mobile application security assessment involves an in depth security review of a mobile application and associated web services. This assessment involves a comprehensive review of the security around the mobile application including proper authentication, local storage of sensitive data, proper binary protections, log analysis, data leakage and insecure inter-process communications. Mobile applications are ubiquitous and their security is critical to ensure your data is not exposed on a large scale.
Security Risk Report
A proprietary Risk Score and chart show the relative health of the network security, along with a summary of the number of computers with issues. This powerful lead generation and sales development tool also reports outbound protocols, system control protocols, user access controls, external vulnerabilities summary, and dark web password and credential breaches.
Security Management Plan
Helps prioritize remediation based on the issue risk score. A listing of all security related risks are provided along with recommended actions.
Consolidated Security Report Card
The Consolidated Security Report Card assesses individual computers based on security criteria. Devices discovered on the network are assigned an overall score, as well as a specific score for each of the assessment categories detailed in the report card.
Use this PowerPoint presentation as a basis for presenting your findings from the Network Detective. General summary information along with the risk and issue score are presented along with specific issue recommendations and next steps.
Anomalous Login Report
Expand your security knowledge and easily identify anomalous user logins with a value-add report that methodically analyzes login history from the security event logs. The report uses mathematical modeling and proprietary pattern recognition to highlight potential unauthorized users who log into machines they normally do not access and at times they normally do not log in.
External Vulnerabilities Scan Detail Report
A comprehensive output including security holes and warnings, informational items that can help make better network security decisions, plus a full NMap Scan which checks all 65,535 ports and reports which are open. This is an essential item for many standard security compliance reports.
External Vulnerability Scan Detail by Issue Report
A compact version of the External Vulnerability Scan Detail report that is organized by issues. Devices that are affected are listed within an issue. This report is useful for technicians that are looking to resolve issues, rather than performing remediation on a particular system.
External Network Vulnerabilities Summary Report
This report provides a prioritized listing of issues by CVSS so your technicians can work more efficiently. Its compact view lets a tech quickly survey the various issues that were detected in an environment.
Outbound Security Report
Highlights deviation from industry standards compared to outbound port and protocol accessibility, lists available wireless networks as part of a wireless security survey, and provides information on Internet content accessibility.
Security Policy Assessment Report
A detailed overview of the security policies which are in place on both a domain wide and local machine basis.
Share Permission Report by Computer
Comprehensive lists of all network “shares” by computer, detailing which users and groups have access to which devices and files, and what level of access they have.
Share Permission Report by User
Organizes permissions by user, showing all shared computers and files to which they have access.
User Behavior Analysis Report
Shows all logins, successful and failure, by user. Report allows you to find service accounts which are not properly configured (and thus failing to login) as well as users who may be attempting (and possibly succeeding) in accessing resources (computers) which they should not be.
Login History by Computer Report
Same data as User Behavior but inverted to show you by computer. Quite useful, in particular, for looking at a commonly accessed machines (file server, domain controller, etc.) – or a particularly sensitive machine for failed login attempts. An example would be CEO’s laptop – or the accounting computer where you want to be extra diligent in checking for users trying to get in.
Login Failures by Computer Report
Report identifies users who have succeeded in logging in to another machine. Great for auditing/logging purposes to know of all attempts.
Data Breach Liability Report
Identifies specific and detailed instances of personal identifiable information (PII) and cardholder data throughout a computer network that could be the target of hackers and malicious insiders. It also calculates the potential monetary liability and exposure based upon industry published research.
RSOP Computer Settings Report
This report analyzes the various Resulting Sets of Policy (RSOP) based on computer policy settings on computers in the environment and can be used to assess how many variants of settings exist in a network. Small variants might be a result of misconfiguration of misapplication of Group Policies at the computer level. Use this report to demonstrate how you might be able to create consistent policies or avoid one-off settings and misconfigurations that lead to inconsistent security policy application.
RSOP User Settings Report
This report analyzes the various Resulting Sets of Policy (RSOP) based on user policy settings on computers in the environment and can be used to assess how many variants of settings exist in a network. Small variants might be a result of misconfiguration of misapplication of Group Policies at the user level. Use this report to demonstrate how you might be able to create consistent policies or avoid one-off settings and misconfigurations that lead to inconsistent security policy application.