Having your entire internal network and all nodes screened

Read here all the networking tech stuff we bring with us when we go testing

With this pentest-plus approach we screen your network like a hacker. We always use two approaches: the black-box approach and the white-box approach.

"De kwaliteit is erg goed en we werken heel fijn met Secwatch samen. Ze zijn erg gewillig met interpreteren van de bevindingen, waardoor je precies weet waarom sommige zaken naar voren zijn gekomen."

Anoniem, directeur van een cloud documentsysteem met een paar 100.000 personeelsdossiers

"Secwatch neemt je mee gedurende het hele traject. Je wordt goed geïnformeerd over de voortgang, over wat er gaat gebeuren en op elk moment."

Matthijs Brunsting, Teamleider software ontwikkeling bij Solviteers

"Secwatch levert precies wat wij nodig hebben en niet meer. Ze zijn onze vaste partner voor vulnerability-scans op ons netwerk. Daarnaast doen zij een aparte scan op de applicatie die wij aanbieden. Niet alle partijen kunnen dat eenvoudig scheiden van elkaar, Secwatch wel."

Anoniem, risk manager bij een grote verzekeringsmaatschappij

Black box approach

In this approach, we emulate the behaviour of a cybercriminal and try to get into your system like a (sl)real hacker. Therefore, our ethical hackers use the same tactics and the same kill chain that a hacker uses to, for example, place ransomware on your systems or steal data. We:

 

  • create a plan of attack to try to “break in”
  • investigate whether we can increase our rights
  • test whether we get noticed by detection systems along the way
  • approach it from a cybercriminal’s perspective & from a threat from within
pentest experts met veel kennis en ervaring

White box approach

With this approach, we do know the internal workings of the network and our testers go deep into the network looking for threats. We:

– subject the active network components, all endpoints (workstations, laptops, tablets, printers, smartphones, and so on) and core components (servers, firewalls, routers, switches and other IP-related applications) to a comprehensive analysis

– test the internal network and connected devices

– search for vulnerabilities, patch status and configuration errors

It is also possible to use a grey box approach where the hacker has a login account with minimal privileges. With this, the ethical hacker tries to increase his rights and to capture data that are not meant for this account.

How do our ethical hackers test?

Based on internationally used standards such as thePenetration Testing Execution Standard (PTES), the ISO 18028, the NIST Cybersecurity framework and the CIS Controls, our ethical hackers test the network infrastructure on at least the following components:

  • vulnerabilities and configuration errors at system and application level
  • network security
  • security management
  • network security architecture
  • securing communication between networks using security gateways
  • securing end points
  • security of remote access

The analyses are carried out in 5 phases:

  1. Prepare for battle

    In this phase, the tester prepares his/her tools for the assessment and we define the framework of the scan to be performed: we determine the out-of-scope assets, the network quality and the time available.

  2. Reconaissance

    During this most important phase, we (passively) explore, mapping the environment (footprinting) through passive and active enumeration techniques. In this phase, we try to capture the organisation's digital footprint and attack surface, among other things.

  3. Validatie en verkenning

    Based on the findings from phase 2, we draw up an attack hypothesis and start actively (but constructively) scanning the assets; these include port scans and vulnerability scans along with manual actions. These are our 'soft' attack techniques.

  4. Vulnerability scanning en exploit testing

    Deep dive! We dig deeper and deeper to actively reveal vulnerabilities, configuration errors and exploits. This is done during both the internal and external black box (without login) scan. During the internal assessment, this is followed by the white box scan. Exploits are of course executed OpSec-safe here.

  5. Validatie en rapportage

    We resurface and analyse and verify all scan results, found data, vulnerabilities and other data. We also classify and validate the vulnerabilities found and filter out the false positives. All test results are clearly detailed in our report with technical appendix.

Understanding guarantee

There is nothing more dangerous than a report that is misinterpreted or half-implemented. That is why we guarantee that every IT or security officer in your organisation understands the report 100%. So that you are able to take exactly the right actions quickly and adequately.

I want every expensive threat mapped out

Phone number copied to clipboard