Cybersecurity Assessment

Organizations today have deployed numerous technologies to handle near-constant communication and to support day-to-day operation of the business. Businesses within virtually every market vertical have deployed IT systems to handle their most sensitive assets, infrastructure, and resources. Although these changes have resulted in unprecedented gains in productivity, they also provide new and exciting opportunities for the attacker. Wireless, Web-enabled, Mobile, and VOIP technologies have all added to the “attack surface” that is exposed by an organization. BLS offers a suite of CyberSecurity assessments which are intended to help organizations identify vulnerabilities, develop mitigation strategies, and better manage overall risk.

Attack Surface Management

Internet-facing assets are a significant source of risk for organizations of any size. These assets, including on-premise servers, cloud storage, third-party applications, B2B integrations, APIs, and subsidiary-owned assets, collectively make up an organization's attack surface. Effective Attack Surface Management (ASM) and risk reduction require continuous information gathering (domains, subdomains, web applications, web services, APIs, etc.), data validation, and analysis. BLS analysts combine all three functions to create our ASM service offering. Our analysts employ BLS tools and utilities to identify, enumerate, and test externally facing assets. Verification and validation testing for each vulnerability discovered reduces the incidence of false positives and provides for a more accurate determination of attack surface risk. Based on the risk analysis, the BLS team prioritizes vulnerable assets for triage and remediation and validates any fixes deployed.

Risk Assessment

A risk assessment takes a comprehensive look at how an organization achieves its business and mission objectives and provides a semi-quantitative measurement of risk based on business processes, critical resources, personnel, and natural and man-made threats. The risk assessment will consider the entire “attack surface” for the organization including specific trust relationships with subsidiaries, vendors, suppliers, and business partners. The primary objective is to address relevant threats and the potential for adverse impacts to information systems, operations, individuals, and reputation. BLS Operators will gather data and information from numerous sources including one-on-one interviews with corporate officers, program managers, subject matter experts (SMEs), and technical administrators. Assessment activities will also include asset discovery, vulnerability scanning, overt penetration testing activities, and analysis of relevant threats. Threat sources may include hostile attackers, human errors and misconfigurations, structural failures, and natural and man-made disasters. Threat sources may be gathered from multiple resources including existing threat intelligence feeds, previous cybersecurity incidents, and BLS Operator experience. The risk assessment package will include internal and external asset inventories, a final report and executive outbrief, and a detailed threat matrix. The risk assessment package provides a “heat map” for high-risk areas and activities and serves as a data-driven roadmap for future cybersecurity investments.

Vulnerability Assessment

Black Lantern Security engineers will work with organizations to develop and execute a vulnerability assessment based on prioritized business objectives, available resources, emerging threats, and resource sensitivity. BLS’s engineers use a mixture of open source, custom, and commercial tools to systematically assess the security posture of critical components without significantly impacting the daily operations of a business or organization. BLS will work to identify vulnerable products, services, and systems using the latest signatures, vulnerability research, and reporting. The team will also analyze systems, services, and infrastructure for misconfigurations that open up otherwise secure systems to attack.

Web Application Assessment

Each day, companies execute scores of internal and external web-based transactions using enterprise web applications and business tools. Web Application Assessments are based on the established OWASP frameworks and will test both internal and customer-facing enterprise applications for misconfigurations, vulnerabilities, and basic logic flaws that would allow an attacker to access and exfiltrate sensitive customer data (including PII and PHI), intellectual property, financial data, or business intelligence. A thorough examination of the systems that support and service customers, employees, and partners is vital to maintaining business operations throughout the customer’s organization. BLS’s security engineers will work to ensure that these systems continue to function with the correct levels of confidentiality, integrity, and availability.

Wireless Assessment

A wireless assessment begins with the identification and enumeration of both authorized and rogue wireless access points. The information collected and analyzed will include deployed encryption, SSID, channel information, access point location, access point name, equipment vendor details, and hardware MAC addresses. This data will then be used to identify new or previously unknown vulnerabilities in wireless devices and configurations. The testers will provide recommendations for improvement with explicit steps to implement fixes.
