Don’t wait for the strike, anticipate it

With cyber-attacks on the rise, it’s more important than ever to make sure your services are properly protected. Our new Offensive Security entity consists of professionals with strong security experience.

They will support you by performing penetration tests on your sensitive assets and uncovering vulnerabilities that could be used in a successful attack path.

Our Approach

We base our approach on different well-known frameworks:

OWASP - Open Web Application Security Project

For all types of application security, the Open Web Application Security Project (OWASP) is one of the most recognized frameworks. This methodology, developed by a very well-versed community, has helped many organizations to uncover vulnerabilities.

 

This framework provides a methodology for web application pen tests that helps to uncover common web and mobile application vulnerabilities, but also complicated logic flaws that result from insecure development practices. The framework provides guidelines with many controls to assess, allowing pen testers to uncover vulnerabilities within a wide variety of functions found in modern applications.

 

PTES - Penetration Testing Execution Standard

The Penetration Testing Execution Standard is a pentest framework designed by a team of information security professionals. It sets out the most recommended step-by-step procedure for structuring a security assessment. This standard explains the different steps of a pentest, including the preparation, information gathering, and threat modeling phases.

We decided to combine them to capitalize on the best parts of each one and cover our clients’ attack surface as effectively as possible.

Our Methodology

To deliver the engagement, we apply the following methodology based on several years of experience and “try & fail”:

  • Kick-off meeting,
  • Information gathering,
  • Identification of possible entry points,
  • Manual & Automated tests,
  • Attempts to break in,
  • Perform lateral movements,
  • Report the findings,
  • Optional retest.

Our types of tests

We can perform engagements in 3 different modes:

  • Black box: we don’t have any information in advance about the targets in scope, except the targets’ address or domain names,
  • Grey box: the client gives us minimum information to begin the engagement. Then, they can supply more information on-demand in order to go deeper and not remain blocked on a specific point,
  • White box: the source code, full configuration information, architecture documents, etc. are available.

The main difficulty is to find the right balance between allocated time and information availability. The objective is to be as close as possible to a real attack, but in a limited amount of time, even though a real attacker would have several months for the reconnaissance phase. This is why we recommend a grey / white box approach to improve the return on investment for the client.

Our Philosophy

The mindset of the team is to be fully transparent with the client by delivering a high-quality report composed of:

  • A high-level executive summary where we move the vulnerability from a technical context into a business context, so that management understands the consequences in case of exploitation,
  • A technical section where vulnerabilities per domain are sorted by remediation order. To sort them, we use specific and easily understandable criteria that take the business/technical context into account,
  • A description of all scripts, command lines, software, etc. used to uncover the vulnerability, in case the client wants to replay the attack themselves,
  • A high-level conclusion in which we give our opinion and recommendations about the security of the targets in scope.

Our Added Value

This type of engagement adds value in several ways. Amongst others:

  • Giving your team members real experience in dealing with a security breach,
  • Uncovering security aspects that are lacking from a technological or process point of view,
  • Uncovering the most-at-risk routes to your sensitive assets.

Trust means proximity

As trust and proximity are strongly linked, our team can support you with high availability throughout Switzerland. We can also ensure management proximity, as ELCA Security is a truly Swiss and independent actor.

Begin your Cybersecurity journey

Cybersecurity is a long-term investment to anticipate potential future cyber-attacks and limit their impact on daily business.

For most companies, it is not justified to invest substantial amounts in this domain. This is why ELCA Security proposes several discovery assessments to allow you to take a first step into the Cybersecurity world.

Contact our expert

Fabrice GUYE

Head of Strategy and Business Development at ELCA Security

Meet Fabrice GUYE, our Head of Strategy and Business Development at ELCA Security. Contact Fabrice to discuss how he can help propel your cybersecurity initiatives forward.