We’ve started focusing on the security of appliances that are installed in corporate and government networks. To our amazement most of these appliances are more insecure than the operating systems and software that we’ve (being the security industry) been picking on so aggressively. In fact, we are looking at one appliance right now that is made up of software, that is unpatched, and dates back as far as 5 years. This particular appliance is vulnerable to at least 28 critical known security issues, and god knows how many other “unique” issues. Expect to see advisories from us in the future specifically focused on security appliances.
Free Information Kit
Like us on Facebook
penetrate (ˈpeni,treit’) — verb
1. To find or force a way into or through (something); pierce; enter
test [test] — noun
1. The means by which the presence, quality, or genuineness of anything is determined; a means of trial.
1. To identify the presence of points where something can find or force its way into or through something else.
vulnerable [vuhl-ner-uh-buhl] - –adjective
1. open to attack or damage; susceptible to harm.
assess [uh-ses] -verb
1. measure: evaluate or estimate the nature, quality, ability, extent, or significance of;
assessment [uh-ses-muhnt] - noun
1. to assess, the act of assessing;
1. an estimate, or best guess, as to how susceptible something is to attack or damage.
We received proposals from a half-dozen potential Vendors and Netrgard’s proposal was by far the most comprehensive.
They also seemed ahead of their competitors in essentially all technical security matters. We, therefore, selected them to perform a Blind External Penetration Test along with both remote and on-site social engineering. A thorough review of our physical security was also included.
We were very pleased with the results of their review. In tandem with our own IT Security Group, they we able to clearly identify where our IT security was strong and where it needed to be improved.
They provided us with practical recommendations to improve not only our technical IT security, but also advised us of needed enhancements to our physical security, while also advising us on how to limit our susceptibility to social engineering tactics. We were very impressed with the Netragard Team and would consider them for future engagements.
By Frank Berry