+1-347-994-8732
+91-022-23532909Black-Box Network Discovery Service
Introduction
The black-box network exposure discovery service begins with nothing but the client's corporate name. The objective of this service is to unravel the amount of sensitive information, we as attackers can determine via just the corporate name.
As part of this audit, we will carry out passive information gathering processes, with the aim of gaining information about your organization, networks, websites, IP addresses, IT employees & any other information that may assist us in a Penetration Testing.
- Advanced Security Analysis identifies unknown vulnerabilities in applications and networks before they are exploited.
- Detailed Analysis of the application to identify threats that may jeopardize the confidentiality, integrity and availability of critical or sensitive data.
- Experience of tens of thousands of hours of security assessments, implementation, design, development.
- Expert managed, safe simulations of typical internet and insider threats, impact monitoring and easy to understand reports with corrective actions and best-practice recommendations.
- Prevent Loss of customer information, trust and organizational reputation.
Approach
The Security Brigade Black-Box Discovery Assessment methodology combines manual ad automated security testing techniques using open-source and in-house developed proprietary tools. This approach allows us to systematically identify potential security exposures and illustrate the associated risk to the application and business stakeholders.
Network Identification
We attempt to gather information about the various network, domain and IT assets owned by the organization and any relevant information about them.
Results from the Network Identification Process include:
|
|
Mapping Organization Locations
We would collect and document organizational information like the office locations, team strengths, key IT personnel, data centre locations, network end-points and gateways.
Identifying Key IT personal
A database would be created of information related to key IT personnel. This information would include personal details, personal accounts, birthdate, location, etc. This information can eventually be used during a PenTest to carry out successful and well-targeted social engineering attacks.
Deliverables
All of this information would be put into a report that would summarize the various pieces of information we were able to map and identify. The report would focus on the potential uses of this information from an attacker's point of view and the potential threat from exposure of these details.
Case-Studies
 | Black Box Network Discovery Service for a Leading Chemical Company Security Brigade conducted a Black Box Network Discovery Service for one of the Largest Chemical Companies with over 5,000 Employees based around the world. This case study highlights the process and methodology implemented to help the Client understand and quanitfy their exposure to external threats. |
 | Black Box Network Discovery Service for a Business Process Outsourcing Firm Security Brigade conducted a Black Box Network Discovery Service for a leading Business Process Outsourcing Firm. This case study highlights the process and methodology implemented to help the Client understand and quanitfy their exposure to external threats and in-turn understand the controls and measures required to secure their network. |
 | Black Box Network Discovery Service for a Leading Payment Gateway Security Brigade conducted a Black Box Network Discovery Service for one of the Largest Payment Gateways. This case study highlights the process and methodology implemented to help the Client understand and quanitfy their exposure to external threats while justifying and validating the security measures and controls in-place. |
Deliverables
Security Brigade's reporting process is industry-unique and aims to deliver maximum value to your organization and the administrations / developers directly interacting with the security audit. Each report is customer-specific and contains detailed information, proof of concepts, source code examples and configuration details with the aim of educating your IT teams for the long-term. The following are some of the deliverables you will receive on completion of a Black-Box Network Discovery Service.
Executive Presentation Provides a holistic overview of the entire engagement, detailing the issues from an impact and business risk perspective. The presentation is aimed at helping senior management quantify risks and take an informed decision while aligning security with business objectives. |
 |
Executive Report Provides a high-level summary of the systems, network and applications covered, vulnerabilities discovered and the recommendations made to mitigate the threats identified through the engagement. |
 |
Technical Report Provides comprehensive information about all the threats discovered on the systems, network and applications. It will include proof-of-concepts, technical explanations, remediation recommendations, screenshots, exploits, etc. |
 |
Project Summary Report Provides a detailed summary of the engagement, the vulnerabilities identified, recommendations made and current status of the identified issues. |
 |
Excel Vulnerability Tracker Simple and comprehensive vulnerability tracker aimed at helping the IT asset owner keep track of the vulnerabilities, remediation status, action items, etc. |
 |
Request a Call
- Black Box Network Discovery Service for a Leading Chemical Company
- Black Box Network Discovery Service for a Business Process Outsourcing Firm
- Black Box Network Discovery Service for a Leading Payment Gateway
Black-Box Network Discovery Service- Executive Presentation
- Executive Report
- Technical Report
- Project Summary Report
- Excel Vulnerability Tracker