Press 's' to show speaker notes…
This slide deck is intended to be edited and used in a pitch to a partner, client or customer and is released under the Creative Commons Zero v1.0 license.
Thank you to all the contributors that make these documents amazing.
Terminology
Mindset
Communications
Common Fears
Methodology
Scenarios
Addons
Engagement type that targets a computer, network or web application infrastructure for a company.
This type of engagement focuses on the prevention security layer. Finding, testing, classifying, and verifying vulnerabilities in the company’s environment
Team based engagements that includes the IT, social, and physical verticals. This type of engagements focus on all three layers of security defense, prevention, detection, and response. Findings focus on systemic, broad spectrum vulnerabilities in narrative format.
(1 week)
Loud (no stealth)
Techniques
Login brute forcing
Fast / Large port range Nmap scanning
Vuln scanning / Web vuln scanning
SPAM style phishing
Separating attack techniques by day for ease of identification
Identify IT security maturity level
Test prevention security layer
AV / HIPS
Proxy services
Web Application Firewalls
SPAM / Phishing filters
Active or Post-Engagement Detection just to see if capabilities are working and can see “loud” attacks
Login Attempts
Company web login interfaces
VPN / Remote Access interfaces
Email interfaces
External / Cloud interfaces (Office365, Dropbox, Box, etc)
External / Cloud infrastructure (AWS, Azure)
Attempts to obtain code execution
If obtained, post-exploitation is in-scope to better identify impact of scenario
Identify authentication leak risk to the enterprise via stolen, backdoored, or disgruntled employee
Identify previously unknown authentication interfaces
Test prevention security layer
2-Factor Authentication / Multi-Factor Authentication
Test detection security layer
Foreign / suspicious login identification / alerting