Organizations today have deployed numerous technologies to handle near constant communication and to support day-to-day operation of the business. Businesses within virtually every market vertical have deployed IT systems to handle their most sensitive assets, infrastucture, and resources. Although these changes have resulted in unprecedented gains in productivity, they also provide new and exciting opportunities for the attacker. Wireless, Web-enabled, Mobile, and VOIP technologies have all added to the “attack surface” that is exposed by an organization. BLS offers a suite of CyberSecurity assessments which are intended to help organizations identify vulnerabilities, develop mitigaition strategies, and better manage overall risk.
A risk assessment will take a comprehensive look at how an organization achieves its business and mission objectives and provides a semi-quantitative measurement of risk based on business processes, critical resources, personnel, and natural and man-made threats. The risk assessment will consider the entire “attack surface” for the organization including specific trust relationships with subsidiaries, vendors, suppliers, and business partners. The primary objective is to address relevant threats and the potential for adverse impacts to information systems, operations, individuals, and reputation. BLS Operators will gather data and information from numerous sources including one-on-one interviews with corporate officers, program managers, subject matter experts (SMEs), and technical administrators. Assessment activities will also include asset discovery, vulnerability scanning, overt penetration testing activities, and analysis of relevant threats. Threat sources may include hostile attackers, human errors and misconfigurations, structural failures, and natural and man-made disasters. Threat sources may be gathered from multiple resources including existing threat intelligence feeds, previous cybersecurity incidents, and BLS Operator experience. The risk assessment package will include internal and external asset inventories, a final report and executive outbrief, and a detailed threat matrix. The risk assessment package provides a “heat map” for high risk areas and activities and serves as a data-driven road-map for future cybersecurity investments.
Black Lantern Security engineers will work with organizations to develop and execute a vulnerability assessment based on prioritized business objectives, available resources, emerging threats, and resource sensitivity. BLS’s engineers use a mixture of open source, custom, and commercial tools to systematically assess the security posture of critical components without significantly impacting the daily operations of a business or organization. BLS will work to identify vulnerable products, services, and systems using the latest signatures, vulnerability research, and reporting. The team will also analyze systems, services, and infrastructure for mis-configurations that open up otherwise secure systems to attack.
Web Application Assessment
Each day, companies execute scores of internal and external web-based transactions using enterprise web applications and business tools. Web Application Assessments are based on the established OWASP frameworks and will test both internal and customer facing enterprise applications for misconfigurations, vulnerabilities, and basic logic flaws that would allow an attacker to access and exfiltrate sensitive customer data including (PII, PHI), intellectual property, financial data, or business intelligence. A thorough examination of the systems that support and service customers, employees, and partners is vital to maintaining business operations throughout the customer’s organization. BLS’s security engineers will work to ensure that these systems continue to function with the correct levels of confidentiality, integrity, and availability.
A wireless assessment begins with the identification and enumeration of both authorized and rogue wireless access points. The information collected and analyzed will include deployed encryption, SSID, channel information, access point location, access point name, equipment vendor details, and hardware MAC addresses. This data will then be used to identify new or previously unknown vulnerabilities in wireless devices and configurations. The testers will provide recommendations for improvement with explicit steps to implement fixes.