Netragard’s Badge of Honor (Thank you McAfee)
- November 15th, 2011
- Posted in Banking & Finance . Critical Infrastructure . E-commerce . Hardware . Healthcare . Manufacturing . penetration test . Realistic Threat . Research . Software . Total Infrastructure Compromise
- Write comment
Here at Netragard We Protect You From People Like Us™ and we mean it. We don’t just run automated scans, massage the output, and draft you a report that makes you feel good. That’s what many companies do. Instead, we “hack” you with a methodology that is driven by hands on research, designed to create realistic and elevated levels of threat. Don’t take our word for it though; McAfee has helped us prove it to the world.
Through their Threat Intelligence service, McAfee Labs listed Netragard as a “High Risk” due to the level of threat that we produced during a recent engagement. Specifically, we were using a beta variant of our custom Meterbreter malware (not to be confused with Metasploit’s Meterpreter) during an Advanced Penetration Testing engagement. The beta malware was identified and submitted to McAfee via our customers Incident Response process. The result was that McAfee listed Netragard as a “High Risk”, which caught our attention (and our customers attention) pretty quickly.
McAfee was absolutely right; we are “High Risk”, or more appropriately, “High Threat”, which in our opinion is critically important when delivering quality Penetration Testing services. After all, the purpose of a Penetration Test (with regards to I.T security) is to identify the presence of points where a real threat can make its way into or through your IT Infrastructure. Testing at less than realistic levels of threat is akin to testing a bulletproof vest with a squirt gun.
Netragard uses a methodology that’s been dubbed Real Time Dynamic Testing™ (“RTDT”). Real Time Dynamic Testing™ is a research driven methodology specifically designed to test the Physical, Electronic (networked and standalone) and Social attack surfaces at a level of threat that is slightly greater than what is likely to be faced in the real world. Real Time Dynamic Testing™ requires that our Penetration Testers be capable of reverse engineering, writing custom exploits, building and modifying malware, etc. In fact, the first rendition of our Meterbreter was created as a product of of this methodology.
Another important aspect of Real Time Dynamic Testing™ is the targeting of attack surfaces individually or in tandem. The “Netragard’s Hacker Interface Device” article is an example of how Real Time Dynamic Testing™ was used to combine Social, Physical and Electronic attacks to achieve compromise against a hardened target. Another article titled “Facebook from the hackers perspective” provides an example of socially augmented electronic attacks driven by our methodology.
It is important that we thank McAfee for two reasons. First we thank McAfee for responding to our request to be removed from the “High Risk” list so quickly because it was preventing our customers from being able to access our servers. Second and possibly more important, we thank McAfee for putting us on their “High Risk” list in the first place. The mere fact that we were perceived as a “High Risk” by McAfee means that we are doing our job right.