Description

Security Footprint roleplays as a malicious corporate user, unauthorised third party/attacker or malware that has compromised a system within an internal environment. Key objectives include gaining access to high-value systems, application services and information stores. This type of testing typically highlights technical, operational and process control weaknesses that lead to unauthorised access of the company’s most valued I.T. systems and services.

Security Footprint has based its testing methodology on years of experience and industry recognised best practices for penetration testing. At a high level the security testing for internal corporate environments includes the following methodology:

• Information gathering and passive reconnaissance
• Identification of high value systems and associated supporting services in order to prioritise key targets in the environment
• Enumeration and analysis of weaknesses and vulnerabilities against high priority systems and services
• Active exploitation of vulnerable high-priority systems & services followed by further attempts to gain access and control of the overall corporate environment.

• Services
• Internal