Our Penetration Tests service line provides an in-depth view on the security posture of your systems and services. Penetration Testing is one of the most effective and budget-friendly methods to identify all vulnerabilities affecting your assets and identify how threat actor could gain a foothold within your infrastructure.

At Y-Security we use a largely manual approach to Penetration Tests including deep inspection of content and functionality. Our methodology completes industry standards such as the OWASP testing guide, the Mitre Att&ck framework and where applicable the CIS benchmarks for the in-use technology. This is supplemented by our novel research and gathered knowledge of performed Penetration Tests and Attack Simulations for our clients. Vulnerabilities chains are highlighted to expose the full potential a threat actor has when the assets are attacked.

CHALLENGES

IDENTIFY VULNERABILITIES

Environments and applications have changed in complexity throughout the years and it requires more than running an automated scan to identify vulnerabilities if you want to ensure you are not the next suffering from a breach.

EXPLOIT VULNERABILITIES

Risk associated with a vulnerability is often not fully determined and it remains unknown how far an attacker could get into the network by exploiting the vulnerability.

REMEDIATE VULNERABILITIES

Vulnerabilities often get remediated one by one without identifying the root cause for the issue which may be a lack of trainings or missing threat scenarios.

HOW CAN WE HELP

Y-Security provides its clients with the greatest up-to-date Penetration Tests methodology available that fits for small, medium-sized and large businesses alike. Our Application and Infrastructure Penetration Tests, Configuration Audits and Tailored exercises are aligned to industry best practice and combine our decades of years of experience in performing cyber resilience simulations with known, and (publicly) unknown, Tactics, Techniques and Procedures of real-world threat actors.

APPLICATION

Our Application targeted Penetration Tests are manual security assessments of pre-defined assets and aim to identify technical vulnerabilities that can be exploited by potential threat actors. You gain insights into the security posture of your application, how vulnerabilities are used by a threat actor and how to remediate those to strengthen the overall security posture of your application.

A gorilla as a logo for our Application service.
Location: Remote / Onsite
Variations: Web Application, Mobile Application, Thick Client, Code Review

With our team’s experience we deliver a wide range of standard attacks against applications, but also identify vulnerabilities in complex applications and workflows. No two penetration tests are alike and we take our time in each exercise to identify the application’s attack surface. This includes application specific technology and derived vulnerabilities of the technology as well as application specific workflows. Gathered information about the application is used during the Penetration Test to combine identified vulnerabilities and chain them to highlight potential attack paths a threat actor can take.

At Y-Security we use a largely manual approach to Penetration Tests including deep inspection of content and functionality. Our methodology completes industry standards such as the OWASP testing guide, the Mitre Att&ck framework and where applicable the CIS benchmarks for the in-use technology. This is supplemented by our novel research and gathered knowledge of performed Penetration Tests and Attack Simulations for our clients. Vulnerabilities chains are highlighted to expose the full potential a threat actor has when the assets are attacked.

Y-Security’s methodology includes the below categories for web based Application test and is extended when conducting other kind of application assessments such as Mobile Application assessments, Thick Client assessments or Code Reviews:

  • Application Discovery and Analysis
  • Authentication, Authorisation, and Session
  • Encryption
  • Information Disclosure
  • Input Validation and Data Sanitisation
  • Application Logic
  • Server Configuration

After the assessment you receive a detailed report including summaries for the executive and technical management. This is complemented by a detailed technical description of each identified vulnerability and in-depth guidance how they can be reproduced. Each description includes a recommendation for remediation and references to further sources such as Common Weakness Enumeration (CWE), OWASP Web Security Testing Guide and a rating such as the Common Vulnerability Scoring System (CVSS).

We also carry out Red Team exercises where we develop a unique targeted attack plan specific to your organization by combining our experience, known threats to your organization’s branch of industry and threats your organization faced.

Are you interested in testing your resilience?

Our Infrastructure targeted Penetration Tests are manual security assessments of pre-defined assets and aim to identify technical vulnerabilities that can be exploited by potential threat actors. You gain insights into the security posture of your infrastructure, how vulnerabilities are used by a threat actor and how to remediate those to strengthen the overall security posture of your infrastructure.

A snake as a logo for our Infrastructure service.
Location: Remote / Onsite
Variations: External Infrastructure, Internal Infrastructure, ICS/SCADA, WLAN

With our team’s experience we deliver a wide range of standard attacks against infrastructure components, but also identify vulnerabilities in complex networks and systems interacting with each other. No two penetration tests are alike and we take our time in each exercise to identify the network’s attack surface. This includes system specific technology and derived vulnerabilities of the technology as well as system specific workflows. Gathered information about the network is used during the Penetration Test to combine identified vulnerabilities and chain them to show potential attack paths a threat actor can take.

We also use our largely manual approach for Penetration Tests which includes deep inspection of content and functionality. Our methodology completes industry standards such as the OWASP testing guide, the Mitre Att&ck framework and where applicable the CIS benchmarks for the in-use technology. This is supplemented by our novel research and gathered knowledge of performed Penetration Tests and Attack Simulations for our clients. Vulnerabilities chains are highlighted to expose the full potential a threat actor has when the assets are attacked.

Y-Security’s methodology includes the below categories for External Infrastructure tests and is extended when conducting other kind of infrastructure assessments such as Internal Infrastructure assessments, ICS/SCADA assessments or WLAN assessments:

  • Active Reconnaissance & Network Mapping
  • Passive Reconnaissance
  • Automated Vulnerability Assessment
  • Manual Vulnerability Verification & Exploitation
  • Targeted Service Testing

The technical exercise is completed with a detailed report including summaries for the executive and technical management together with a detailed description of each identified vulnerability and in-depth guidance how they can be reproduced. Each description includes a recommendation for remediation and references to further sources such as Common Weakness Enumeration (CWE), OWASP Web Security Testing Guide and a rating such as the Common Vulnerability Scoring System (CVSS).

We also carry out Red Team exercises where we develop a unique targeted attack plan specific to your organization by combining our experience, known threats to your organization’s branch of industry and threats your organization faced.

Are you interested in testing your resilience?

Our Tailored Penetration Tests are manual security assessments of pre-defined assets and aim to identify technical vulnerabilities that can be exploited by potential threat actors. This approach is intended for assets that do not fall under our other service lines and where a customized methodology is needed. You gain insights into the security posture of your assets, how vulnerabilities are used by a threat actor and how to remediate those to strengthen the overall security posture of your assets.

A chameleon as a logo for our Tailored service.
Location: Remote / Onsite
Variations: Phishing, Environment Breakout, Embedded Device, Research, Social Engineering etc.

With our team’s experience we deliver a wide range of standard attacks against applications, infrastructure components, systems and non-digital assets. Our clients also required us to perform sophisticated attacks against bespoke assets and thats why we build Tailored Penetration Tests. No two penetration tests are alike and we take our time in each exercise to identify the best methodology and approach for our clients to fit with their requirements and add our long-term threat experience.

Tailored exercises typically require us to use a largely manual approach to Penetration Tests including deep inspection of content and functionality. Our methodology completes industry standards such as the OWASP testing guide, the Mitre Att&ck framework and where applicable the CIS benchmarks for the in-use technology. This is supplemented by our novel research and gathered knowledge of performed Penetration Tests and Attack Simulations for our clients. Vulnerabilities chains are highlighted to expose the full potential a threat actor has when the assets are attacked.

Methodologies created as part of our Tailored approach include a variety of different scenarios and components including but not limited to:

  • Phishing/Vishing/Smishing Awareness Assessments
  • KIOSK / Application / Desktop / Environment Breakout
  • Embedded Devices / IoT
  • Protocol Analysis
  • Research
  • Social Engineering

Reports for our Tailored exercises can be customized, but typically include summaries for the executive and technical management together with a detailed description of each identified vulnerability and in-depth guidance how they can be reproduced. Each description includes a recommendation for remediation and references to further sources such as Common Weakness Enumeration (CWE), OWASP Web Security Testing Guide and a rating such as the Common Vulnerability Scoring System (CVSS).

We also carry out Red Team exercises where we develop a unique targeted attack plan specific to your organization by combining our experience, known threats to your organization’s branch of industry and threats your organization faced.

Are you interested in testing your resilience?

Our Configuration audits are manual security assessments of pre-defined assets and aim to identify configuration vulnerabilities that can be exploited by potential threat actors. You gain insights into the security posture of your asset, how misconfigurations are used by a threat actor and how to remediate those to strengthen the overall security posture of your asset.

A sasquatch as a logo for our Configuration service.
Location: Remote / Onsite
Variations: Golden Image, System/Network Design , Firewall , Secure Configuration, Cloud

With our team’s experience we have insights into a wide range of technologies including operating systems, software solutions and devices. We combine our methodologies of Penetration Test exercises and Attack Simulations exercises to advise on security best practice configurations to strengthen the overall security posture of your asset.

Even with Configuration reviews we use a largely manual approach including detailed inspection of content and functionality. Our methodology completes industry standards such as the OWASP testing guide, the Mitre Att&ck framework and where applicable the CIS benchmarks for the in-use technology. This is supplemented by our novel research and gathered knowledge of performed Penetration Tests and Attack Simulations for our clients. Vulnerabilities chains are highlighted to expose the full potential a threat actor has when the assets are attacked.

Y-Security’s methodology includes the below categories for Configuration audits of a Operating System and is extended with asset specific configuration checks when conducting the audit:

  • Boot Configuration
  • Access and Authentication
  • Network Configuration
  • File System Analysis
  • Service Configuration
  • Logging and Auditing
  • Software and Patch Analysis

After the assessment you receive a detailed report including summaries for the executive and technical management together with a detailed description of each identified vulnerability and in-depth guidance how they can be reproduced. Each description includes a recommendation for remediation and references to further sources such as Common Weakness Enumeration (CWE), OWASP Web Security Testing Guide and a rating such as the Common Vulnerability Scoring System (CVSS).

We also carry out Red Team exercises where we develop a unique targeted attack plan specific to your organization by combining our experience, known threats to your organization’s branch of industry and threats your organization faced.

Are you interested in testing your resilience?

BENEFITS

IMPROVE SECURITY POSTURE

Identify and remediate vulnerabilities across your assets, to reduce the attack surface of a threat actor and lower the risk of a breach.

ENHANCE YOUR CAPABILITIES

Increase knowledge about latest threats and enhance guidelines of your development and IT team by identifying security gaps in your secure coding guidelines and threat models.

PRIORITIZE YOUR BUDGET

Spend your budget where it is needed most by performing targeted security assessments of your assets. Avoid wasting your budget on automated scans that do not identify vulnerabilities a real-world threat actor would find.