Safe performance of GreyBox pen tests during strict corona measures

The traditional way of working has changed for many companies because of the strict COVID-19 measures. Many people work from home and use the facilities that companies offer to make this possible. The employees of NFIR are of course used to working digitally, and a lot of work for customers is already carried out remotely. A good example of this is the penetration tests that we perform for our clients. Still, the execution of some pen tests has changed for us, but we were already very well prepared for that.

What's the PentestBox?

As you may know, BlackBox pen tests are always performed remotely, without providing our ethical hackers with relevant information such as login details for the (web) applications, websites and IT infrastructures. For GreyBox pen tests we often come on site, because we need access to the environment that needs to be tested. Some time ago we started using a new solution for pen testing: the so-called PentestBox. This is a full-fledged computer that fits in the palm of your hand and is placed behind the firewall in your office or data center network. The PentestBox communicates over an encrypted VPN connection, through your internet connection, to the pen testing domain of NFIR, so that the ethical hackers can access your network in a secure way without being physically present. If the internet connection cannot be established (temporarily), we offer a 4G dongle that can be placed in the PentestBox and provides the necessary internet connection.

Until recently we brought the PentestBox to our customers ourselves, but because of the corona measures we now also send it as a parcel by post. In this situation, a network administrator will of course receive instructions to correctly connect the PentestBox to the network and activate it. When the pen test is complete, the PentestBox can be disconnected again and returned by registered post. The data stored on the PentestBox is fully encrypted. At the moment we are also working hard on a virtual version of the PentestBox, which can be installed as a ready-made package in the network of our clients as an alternative to the physical PentestBox. This virtual machine is especially useful when access to the data center is currently difficult to arrange.

To what extent is your home working facility technically resilient to hackers?

Do you have questions about the operation of this PentestBox or do you want to know to what extent your home working facility is technically resilient to hackers? Please contact us. We will be happy to speak to you and do everything we can to assist your organization in these turbulent times in the field of IT Security!

  1. A vulnerability scan provides a general picture of how IT security is organised. A pen test provides a more detailed picture of current IT security.
  2. A vulnerability scan is used to find commonly known vulnerabilities. In a pen test, attention is paid to all potential weaknesses.
  3. Vulnerability scanning uses automated scans to detect vulnerabilities. A pen test also makes use of automated scans, but in addition the researcher actively seeks out vulnerabilities with a dose of creativity.

Penetration test or vulnerability assessment? Contact NFIR now

Our pen testers have a large amount of experience, a lot of creativity and up-to-date expertise. The NFIR pen testers have followed relevant training courses and obtained certifications such as OSCP. In addition, they have all received chief of police approval and signed confidentiality agreements.

How long a pen test lasts strongly depends on the environment that needs to be tested and the agreements made with the client about the attack scenarios to be used.

A Black Box pentest means that no information about the environment is shared with the pen testers beforehand. With a pentest based on the White Box principle, all information about the environment is shared in advance. If you are having a pen test performed for the first time and want to get an overall picture of your security, it is useful to have a Black Box pen test performed.

A Black Box pentest is especially suitable when an environment is being pen tested for the first time and you want to get an overall picture of the security. A Grey Box Penetration Test is an intermediate form of the Black Box and White Box Penetration Test, in which the researchers have limited login details and information at their disposal. The Grey Box pentest is generally used to see how safe an environment is from the perspective of an employee or customer.

Agree with each other on when the information should be delivered, when the pen test will take place, what the pen test means for the daily operations within your company and when the report will be delivered. The assignment must be clear and the information required in advance must be provided on time, otherwise a pen test cannot start.

The NFIR Pentest: how impenetrable is your network?

With the NFIR Pentest you can get certainty and advice about the safety of your network. Contact NFIR for non-binding advice: 088 – 323 0205

The three main standards used by NFIR (depending on the environment to be tested) are the Penetration Testing Execution Standard (PTES), the Open Source Security Testing Methodology Manual (OSSTMM) and the Open Web Application Security Project (OWASP). The Common Vulnerability Scoring System (version 3) is used to determine the severity of a vulnerability. Furthermore, NFIR uses input from the client to apply a CIA (confidentiality, integrity, availability) weighting to the vulnerabilities found.