Infrastructure Testing

Vulnerability scanning allows for the identification of weaknesses through an automated process. This is advantageous for several reasons. Automation is fast, cost-effective, scalable, and accurate. Vulnerability scanners can pick up common security flaws quickly and efficiently, enabling proactive remediation steps. Salus has experience choosing the most appropriate vulnerability scanner as well as the type of scan, whether that be authenticated or unauthenticated.

Although it cannot replace human interaction, vulnerability scanning is an important step in ensuring that your organization is protected from common threats and is a cost-effective approach to ensuring cyber hygiene is evaluated and implemented within your environment.

Authentication and authorisation are a core component to your organisation’s security posture. As part of an Identify and Access Management (IAM), Salus will analyse your organisation’s handling of built-in roles, such as guests and administrators, in addition to custom roles and privilege assignments, to ensure that good practices are followed for account protection and minimising access permissions, thus reducing the likelihood and impact of compromised accounts.

A well configured firewall is one of the most effective methods of protecting your organisation from external threats and controlling any potential internal threats. As part of a firewall ruleset review, Salus consultants can provide assurance that there are no gaps in the firewall coverage, and that the rules are sufficiently strict to allow required traffic and nothing more.

Gaps in a firewall tend to filter in gradually as rules are created for testing purposes, infrastructure is repurposed, or newly deployed software require new firewall rules to function. An effective review of these is a collaborative effort between the consultant and administrators, allowing explanation, justification, and discussion between the two sides to balance business requirements and security guidance.

This assessment is designed to provide an objective overview of a device’s security posture against good-practice such as NCSC, CIS, or NIST. Whilst this review is primarily an assessment of the device itself, it can also expose improvements in the maintenance processes and practices used to administer the device.

This is achieved through analysis of patch status, security configuration, and relevant identity and access management, including typical device users, and service accounts. The benefits of this type of test can also show the impact of malicious insiders or compromised users that have the ability to move laterally through your environment, showing the potential tools that could be leveraged on a device.

A network device configuration review encompasses the assessment of specialised devices within networks such as routers, switches, load balancers, and others. By default, these devices can be loosely configured, or poor configurations might have been added in over time by environment administrators. Salus will assess the configuration state of the devices to ensure that they are adequately hardened for your specific network, to provide the greatest benefit to your security posture, whilst retaining business requirements. This is achieved through close communication with administrators to properly understand the requirements for the service, and provide you with actionable, intelligent results.

Containers used to share resources with the host are as vulnerable as all other technologies used to provide a segregated development environment, even more so with the presence of complex building blocks such as Kubernetes. This review takes place both within the specific container, reviewing both the container build and potential to escape into the underlying host.

For applicable solutions, the permissions of the container within the cluster or environment are explored, to identify and evaluate the potential for users to breakout and gain additional control of data and potentially compromise the environment.

Active Directory (AD) is the core service within the majority of large corporate networks, and its secure implementation is paramount to ensure that system and user data is safe from malicious insiders and compromised user accounts. This assessment takes into consideration the design of the domain, and its users and groups, all compared against Microsoft’s best practice guides. Due to AD’s complicated internal structure, permissions and delegations are often misconfigured and overlooked in typical reviews. With extensive knowledge and toolsets, Salus will identify any such configurations that may permit more access than was desired. Furthermore, the centre of the network, the domain controller, will be assessed to ensure its policies being pushed to the rest of the network are in line with best practices.

With a proven track record in identifying and exploiting high-sensitivity deployments of AD, and doing so in an operationally safe and secure manner, Salus consultants are capable of providing strongly justified impact statements and comprehensive explanations of complex attack paths that are common within an AD environment.

It’s a terrible feeling when you lose a laptop, mobile phone or personal device, but what impact does that forgotten or stolen device have on your organisation? As part of this exercise, Salus will verify to what extent your organisation would be threatened by an attacker that has acquired trusted organisation property, such as an employee’s work mobile phone or laptop. Additionally, Salus will provide assurance on whether sensitive data can be recovered from these devices and assess the security controls in place to prevent unauthorised data access.