Cyber Offensive Security

How we can help

Cyber Offensive Security - NSB Cyber Australia

We believe the key to a good defensive strategy involves understanding attacker techniques and capabilities. Instead of waiting for the next cyber-attack against your organisation, we conduct proactive penetration tests against your network to identify your environment’s weaknesses. This allows your organisation to validate its security and ensure protection against the latest cyber threats and vulnerabilities. 

Our team has experience ranging from performing penetration tests against your web applications, on-premises and cloud environment, to emulating what a threat actor would do once inside your environment. 

  • Web Applications and Web Application Programming Interfaces (APIs) have changed the way we live our lives and have made it easier for people and organisations to gather and exchange data, purchase goods and services, provide social media engagement, and a lot more. However, this design benefit also means that Web Applications and APIs are one of the most commonly targeted areas by threat actors, resulting in some of the largest data breaches in Australia.

    Web Application Testing allows organisations to assess and validate the security of their web applications – whether these are new or existing websites, web applications being deployed for the first time, or custom developed APIs being used between business-to-business networks.

    The need for Web Application Testing can be driven by a multitude of reasons including: 

    - Ensuring your web application hosting sensitive customer information is adequately secure;
    - Meeting a compliance obligation; and
    - Simply practising good security hygiene for a critical part of your business.

    We help our clients by conducting security testing over an organisation’s web application and APIs, where a trained team would (with permission) attempt to break into a web application just like an attacker would, to discover and validate vulnerabilities that exist.

  • Many prolific security incidents occur due to misconfigurations and vulnerabilities across an organisation’s external perimeter (e.g. unpatched or misconfigured firewalls, accidentally exposed applications, and VPNs). Sometimes, all an attacker requires is to find one weakness on your external perimeter, to achieve a foothold into your network to start causing damage.  

    External Network Testing enables organisations to gain an understanding of what their external network surface looks like from the Internet and ensures that this surface is sufficiently secure. 

    We help our clients by validating known and unknown network assets and performing a comprehensive vulnerability assessment and penetration test against them, to help validate that an organisation’s ‘external walls’ are sturdy and do not have gaps in them.

  • There is a high and increasing risk that a motivated attacker gains an initial entry point into your organisation – mostly through rampant phishing campaigns or leveraging existing remote access technologies. However, if you do not practise defence-in-depth controls, or rarely contemplate ‘what an attacker can do once they’re in my IT environment’, then you may be missing opportunities to stop a threat actor from causing significant impact to your network.  

    We help our clients by simulating a scenario where an attacker has gained initial entry into their environment (e.g. as a standard employee account), and performing testing to identify what an attacker can do there (e.g. lateral movement to a sensitive server and database, privilege escalation to an administrator account). Such testing provides assurance that the internal network is secure and helps them understand how strong their internal network controls are.

  • When contemplating defence-in-depth of your infrastructure, it is important to consider the security controls of an endpoint device itself. Whether it is a user’s workstation, a shared kiosk sitting in a lobby, or even a server sitting in your cloud infrastructure, it is important to consider what actions a threat actor could do on the device itself. 

    ‘Standard Operating Environment (SOE)’ refers to the standards to which endpoints (e.g. user workstations, laptops, servers) are built and deployed to allow users and IT teams to function. Organisations should not only ensure SOEs are established, but they should also ensure these SOEs are built with security in mind. This includes hardening the endpoint and removing unnecessary applications, services and permissions that come pre-configured or installed on it and increase the device’s attack surface.

    We help our clients in assessing their Standard Operating Environments and ensuring that they meet their objectives, which can vary from validating that compliance controls are operating as intended, to answering specific security questions, such as “What could happen to us if someone lost their laptop?” or “What can an attacker do with this device from a standard user account?”.

  • The security of an organisation’s wireless infrastructure is (at times) overlooked. Wireless technology has become ingrained in our everyday lives, with wireless infrastructure providing access not only to staff members, but also to the customers or guests of an organisation (e.g. hotel, restaurant, shopping centre wi-fi). If a wireless network is not properly segregated and secured, an attacker may be able to escalate their access from a guest into employee access in an organisation’s corporate environment, without having to enter an organisation’s office physically.

    We help our clients by testing their wireless infrastructure to identify and validate whether there are any vulnerabilities that could be abused to steal information or compromise their corporate network. 

  • Mobile Applications are a part of everyday life. They are sometimes privy to sensitive information that we hold or are used to perform sensitive actions (e.g. financial transactions, accessing and reviewing medical or PII data). This provides an opportunity for threat actors to steal or manipulate information from the organisation owning the application or potentially compromise the entirety of the organisation’s customers.

    We help our clients by testing their mobile applications for vulnerabilities to ensure the access and communication of data (between the mobile app client and servers) are adequately secured and validate that the data is securely stored.