Pentesting and Cloud Security Engineering
AppSec Penetration Testing
Web application and API pentesting is primarily performed on modern web applications and/or IoT devices to identify and highlight security vulnerabilities. This exercise also helps businesses understand the threats, prioritize issues, and apply recommendations to mitigate them.
Security Hubs' team identifies issues, reports them, and collaborates in real time with your team, allowing you to take immediate action and improve your cybersecurity posture.
During an assignment, we use well-known testing frameworks such as:
- OWASP Testing Framework v4.2
- Web Application Hacker's Handbook v2 checklist
- OWASP Top 10 Web Application Security Risks
- NIST SP 800-115 Recommendations checklist
- OWASP API Security Top 10 Vulnerabilities 2019
- Penetration Testing Execution Standard (PTES)
Infrastructure Penetration Testing
Infrastructure penetration testing helps you identify how a malicious actor could potentially access your data through your network. The test validates and exploits known vulnerabilities in your network infrastructure, helping to keep your sensitive information and systems better protected.
Security Hubs tests infrastructure, both internal and external, simulating a real attack through well-defined manual and automated techniques, ensuring maximum efficiency. Additionally, we look beyond what everyone else is doing and build custom footprinting or exploitation tools tailored to the particularities of each client's project.
At the conclusion of testing, we provide detailed proofs of concept (PoC) and recommendations on how to mitigate the respective attack vectors.
Our high-level testing methodology key points are:
- Footprinting
- DNS analysis / subdomain enumeration
- System fingerprinting
- Port scanning
- Service enumeration
- Information exposure through OSINT and other alternative resources
- Manual verification of identified vulnerabilities
- Exploitation attempts through public or custom exploits to probe and confirm each issue
Thick Clients and Desktop Applications Penetration Testing
A Thick Client application refers to an application that runs on a user’s local machine where the client handles most of the business logic.
At a high level, this application type handles most of the validation, has access to various components, and processes temporary data that may contain sensitive information.
Thick clients are typically built on one of two architectures:
- Two-tier architecture: the client application communicates directly with a database through a database connection driver.
- Three-tier architecture: the client application uses the HTTP protocol to communicate with an application server, which then queries a database to read or write data.
Security Hubs tests Thick Clients and other desktop applications by executing manual attack scenarios, including:
- Client-side attack vectors (binary analysis, local storage and memory testing, etc.)
- Traffic interception and manipulation
- Communication protocol fuzzing
- Server-side attack vectors (probing for injection attacks, sensitive data disclosure, denial of service (DoS), and similar cases drawn from the OWASP Ten Most Critical Web Application Security Risks framework)
Mobile Security Testing
iOS / Android App Testing
Your iOS and Android mobile apps are central to conveniently and reliably serving your customers. Knowing that your app is safe and secure means you can be confident your customers will never have an issue accessing and using it, keeping them engaged and excited about your product or service.
Security Hubs’ testing standards use a mobile application penetration testing methodology based on the following:
- Open Web Application Security Project (OWASP) Testing Guide
- OWASP Mobile Security Testing Guide (MSTG)
- Technical Guide to Information Security Testing and Assessment (NIST 800-115)
- OWASP Mobile Application Security Checklist
- OWASP Top 10 2017 – The Ten Most Critical Web Application Security Risks
a. Target scope reconnaissance
b. Business and application logic mapping
c. Engagement
d. Manual vulnerability exploitation
Security Hubs performs mobile application security audits for iOS and Android through native code analysis using custom-made scripts and tools such as Frida, MobSF, or Objection. Our methodology is heavily oriented towards vulnerabilities associated with local data storage, the defense mechanisms protecting server communication, and the overall security of the backing API.
We perform the following actions:
- File system analysis
- Application package analysis
- Reverse engineering
- Static analysis
- Dynamic analysis
- Inter-process communication endpoint analysis
Secure Code Review
There are two options to identify the vulnerabilities within an application: either grey-box penetration testing or a source code review.
They complement each other, but the added value of a source code review is the possibility to pinpoint insecure development patterns, logic flaws, and other exotic vulnerabilities that might be missed during a standard application pentesting engagement.
Security Hubs team members have deep knowledge and experience in executing AppSec secure code reviews of .NET, Java, RoR (Ruby on Rails), and Python code bases.
We combine manual review with automated analysis and fuzzing engines to ensure thorough coverage of the code package.
Exposed Assets Monitoring
Attack Surface Continuous Monitoring
Security Hubs currently offers two types of services to help control our clients' exposed Internet-facing assets: Vulnerability Assessment (VA) and Asset Discovery. Both are designed to check, track, and highlight gaps and anomalies. Each package can also be tailored to fulfill other client requirements.
Option #1 - Vulnerability Assessment (VA)
A Vulnerability Assessment (VA) service uses well-known scanning products, open source or commercial. Each product relies on an up-to-date vulnerability database that is used during the scanning session, ensuring full coverage of current threat trends. Security Hubs will conduct a gap analysis of the scan results and create a custom report that covers several key areas: variations over time and potential issues that will have to be addressed quickly.
Option #2 - Asset Discovery & Continuous Vulnerability Monitoring
We use an arsenal of well-known and custom techniques and tooling to scan, assess, confirm, and highlight low-hanging-fruit security gaps and publicly available information that could be used against your organization. We provide a custom compliance-ready report containing all the data discovered and analyzed, summarized and filtered down to the traces that matter for your current business model.
Cloud Security Consultancy Services
Cloud Architecture Security Review
With the adoption of cloud services, a business has to consider new security risks such as data encryption policy, privacy, regulatory requirements, technical configurations, etc.
Security Hubs' global team of cloud security engineers provides a comprehensive cloud architecture review for Amazon AWS and Microsoft Azure and offers actionable recommendations to remediate the gaps.
While other security service providers focus on highlighting security issues and misconfigurations, we look much more deeply at your current architecture, covering cloud deployment operational review, cost management review, performance efficiency review, reliability review, and architecture review. This gives you a clear picture of the health of your cloud presence.
- Step #1: We create a Data Flow Diagram (DFD) of your current cloud architecture.
- Step #2: We perform a threat model against the Data Flow Diagram created previously.
- Step #3: We identify and document the gaps found versus well-known best practices, adapted to the company's current business model.
- Step #4: We compile and provide the final deliverable, the Gap Analysis report.
We use well-known frameworks such as:
- AWS Well-Architected Framework
- Microsoft Azure Well-Architected Framework
Cloud Cost Management Review
Cloud Architecture Review
Cloud Operations Review