Pentesting and Cloud Engineering Services
Last updated - June 24, 2021
Web / API Offensive Penetration Testing
Web Apps and API pentesting is primarily performed on modern web applications and/or IoT devices to identify and highlight security vulnerabilities. This exercise also helps businesses understand the threats, prioritize issues, and apply recommendations to mitigate them.
Our team identifies issues, reports them, and collaborates in real time with your team, allowing you to take immediate action and increase your cybersecurity posture.
During an assignment, we use well know testing frameworks such as:
- - OWASP Testing Framework v4.2
- - Web Application Hacker's Handbook v2 checklist
- - Penetration Testing Execution Standard (PTES)
- - OWASP Top 10 2019 for APIs checklist
- - NIST SP 800-115 Recommendations checklist
- - OWASP API Security Top 10 Vulnerabilities 2019
Infrastructure Penetration Testing
Infrastructure penetration testing helps you identify how a malicious actor could potentially access your data through your network. The test validates and exploits known vulnerabilities in your network infrastructure, helping to keep your sensitive information and system better protected.
Security Hubs tests infrastructure, internal and external, simulating a real attack through well-defined manual and automated techniques, ensuring maximum efficiency. Additionally, we look beyond what everyone else is doing and build custom footprinting or exploitation tools tailored to each client's project particularities.
At the conclusion of testing, we provide detailed PoC and recommendations on how to mitigate respective attack vectors.
Our high-level testing methodology key points are:
- - Footprinting
- - DNS Analysis / Subdomain enumeration
- - System fingerprinting
- - Port Scanning
- - Services enumeration
- - Information exposure through OSINT and other alternative resources
- - Manual verification of identified vulnerabilities
- - Exploitation attempt through public or custom exploits to probe and confirm issue
Thick Clients and Desktop Applications Penetration Testing
A Thick Client application refers to an application that runs on a user’s local machine where the client handles most of the business logic.
From a functionality big picture, this application type handles most of the validation, has access to various components, and works and processes temporary data that might contain sensitive data.
Thick clients are widely developed on:
- - Two-tier architecture - the client application communicates directly with a database through a database connection driver.
- - Three-tier architecture - the client application uses HTTP protocol to communicate with an application server and will then query a database to pull/pop data.
Security Hubs tests the Thick Clients and other desktop applications executing manual attack vector scenarios, including:
- - Client-Side attacks vectors(Binary Analysis, Local storage, and memory testing, etc.)
- - Traffic interception and manipulation
- - Communication protocol fuzzing
- - Server-side attack vectors (probing for Injection Attacks, Sensitive Data Disclosure, Denial of Service (DoS), and other similar case details as part of OWASP Ten Most Critical Web Application Security Risks framework)
Mobile Security Testing
Last updated - April 19, 2021
iOS / Android App Testing
Your iOS and Android mobile app are central to conveniently and reliably serving your customers. Knowing that your app is safe and secure means you can be confident your customers will never have an issue accessing and using it, keeping them engaged and excited about your product or service.
Security Hubs’ testing standards use a mobile application penetration testing methodology based on the following:
- - Open Web Application Security Project (OWASP) Testing Guide
- - OWASP Mobile Security Testing Guide (MSTG)
- - Technical Guide to Information Security Testing and Assessment (NIST 800-115)
- - OWASP Mobile Application Security Checklist
- - OWASP Top 10 2017 – The Ten Most Critical Web Application Security Risks
- a. Target scope reconnaissance
- b. Business and application logic mapping
- c. Engagement
- d. Manual vulnerability exploitation
Security Hubs performs mobile application security audits for iOS and Android through a native code analysis using custom-made scripts and tools like Frida, MobSF, or Objection. Our methodology is heavily oriented to search for vulnerabilities associated with local data storage, server communication defense mechanisms, and the overall API’s security.
We perform the following actions:
- - File System Analysis
- - Application Package Analysis
- - Reverse Engineering
- - Static Analysis
- - Dynamic Analysis
- - Inter-Process Communication Endpoint Analysis
Secure Code Review
Last updated - Feb 11, 2021
Source Code Security Review
There are two options to identify the vulnerabilities within an application, either through a grey box penetration testing or a source code review.
They both complement each other, but the added value of source code review provides the possibility to pinpoint insecure development patterns, logic flaws, and other exotic vulnerabilities that might be missed during a standard application pentesting engagement.
Security Hubs team members have unparalleled knowledge and experience in executing source code security reviews of applications developed in .NET, Java, RoR (Ruby On Rails), Python, etc.
We use automated, including a custom fuzzing engine and manual review methods to ensure thorough coverage.
Ongoing Assets Monitoring
Last updated - December 27, 2020
Security Hubs currently offers two types of services to help control our client’s Internet-facing assets;
Vulnerability Assessment (VA) or Asset Discovery. Both are designed to check, track, and highlight gaps and anomalies. Each package can also be tailored to fulfill other various client requirements.
Option #1 - Vulnerability Assessment(VA)
A Vulnerability Assessment (VA) service uses well-known scanning products. open source or commercial. Each product utilizes up-to-date vulnerabilities databases and are used during a scanning session, ensuring full coverage of the current tread trends. Security Hubs will conduct a gap analysis of the scan results and create a custom report that covers several key areas of variations over time and potential issues that will have to be addressed quickly.
Option #2 - Asset Discovery & Threat Intelligence
We use well-known and custom OSINT techniques and follow a thorough framework to uncover and highlight what information is available publicly associated with company assets, like employees, network details, application footprinting, etc. We provide a custom report containing all the data discovered and analyzed, which is summarized and filtered down to the traces that matter for your company exposure security.
Some of the tasks during an OSINT activity might include:
- - Identification of IP addresses, sub-domains, ports, and services that can increase our attack surface
- - Identification of technologies used, application platform, and other infrastructure details
- - Identification of sensitive information as API keys, AWS S3 buckets, leaked credentials
Smart Contracts Security Review
Last updated - June 25, 2021
The availability of this service will be announced soon...
Cloud Security Consultancy Services
Last updated - July 12, 2021
Cloud Architecture Security Review
With the adoption of cloud services, a business has to consider the new security risks such as data encryption policy, privacy, regulatory requirements, technical configurations, etc.
Security Hub's global cloud security engineers team provides comprehensive cloud architecture review for Amazon AWS and Microsoft Azure and offers actionable recommendations to remediate the gaps.
While other security service providers focus on highlighting security issues and misconfigurations, we are looking way much in-depth at your current architecture, involving elements from cloud deployment operational review, cost management review, performance efficiency review, reliability review, and architecture review. This way will provide you a clear picture of your cloud presence health status.
- - Step #1: We create a Data Flow Diagram (DFD) of your current cloud architecture.
- - Step #2: We perform a Threat Model against the Data Flow Diagram created previously.
- - Step #3: We identify and document the gaps identified versus well-known best practices adapted to the current company business model.
- - Step #4: We compile and provide the final deliverable named Gap Analysis report.
We use well know frameworks such as:
- - AWS Cloud Well-Architected Framework
- - Microsoft Azure Cloud Well-Architected Framework
Cloud Migration Consultancy Services
Last updated - July 12, 2021
Cloud Lift-and-Shift Migration Services
The lift-and-shift approach is the first step an organization should take when considering the migration journey from their current on-premise infrastructure to the cloud.
Strategy-wise, a lift-and-shift migration can be achieved during a short or a long-term time window and. This cloud adoption model will allow a business to start getting familiar with the cloud's benefits and downturns.
The following are a few benefits of considering moving from on-premise in the cloud.
- - Enhanced Security
- - Pay-by-use model
- - Improved performance
- - Scalability and resource elasticity
As a bespoke hint, the lift-and-shift cloud adoption model does not fit every company's needs, and it might require a re-architecting solution strategy before moving into the cloud. While there is no silver bullet for all the scenarios, we have the experience and knowledge to adapt. We are always happy to advise the stakeholders about what works the best under each circumstance.