Infrastructure Security

IT infrastructure as a concept has been rapidly evolving and expanding. We are involved in pushing the development of security within modern infrastructure.

Domains, networks, appliances, servers, client devices, etc. constitute a major part of an organization's attack surface. Given an initial foothold on a system within the bounds of a domain, an attacker can often elevate privileges and traverse the network. This is most often due to a lack of proper network access control; users with weak passwords and/or excessive privileges; services running old and vulnerable software; and, very often, a lack of detection and response when something unexpected happens.

Security in the Cloud

If you are using cloud services, such as Microsoft Azure, Amazon Web Services (AWS) or Google Cloud Platform (GCP), you need to make sure that your cloud environment is secure. We offer penetration tests and security audits of cloud environments to identify vulnerabilities and misconfigurations that could be exploited by attackers.

Read our best practice blog posts on Google Cloud Platform and insecure defaults in Google Kubernetes Engine.

We have also published an infrastructure audit report with the results of a security audit of the Guardian infrastructure on behalf of DNSfilter. The report can be found here.

Adversary simulation vs infrastructure penetration tests

If you have a Security Operations Center (SOC), a Security Information and Event Management (SIEM) system or similar, you will want to assess and evaluate your processes. You will also want to know the gaps in your detection capabilities and get qualified recommendations on how to close them. Adversary Simulation can be executed either in cooperation with your security operations to identify weaknesses and help mitigate them, or acting as a real attacker to additionally test your organization's (Blue Team) response capabilities. These approaches are commonly known as Purple Team and Red Team activities, respectively.

If you're not ready for an assessment of detection and response, and just want to know your infrastructure's weaknesses and how to mitigate them, we recommend a penetration test.

In both cases, we assume the role of an attacker, often equipped with a low-privileged user in the domain/network, to complete tasks like the following:

  • Initial Foothold: Gaining access to a low-privileged end client, often incorporating the "assumed breach" scenario.
  • Active Directory Enumeration: Mapping out the AD environment to understand its structure and identify potential attack paths.
  • Network enumeration: Scanning and analyzing the network to identify vulnerabilities in its devices and setup.
  • Privilege Escalation and Lateral Movement: Attempting to escalate privileges and traverse the network.
  • Domain Takeover: Finding as many paths to domain takeover as possible within the project time frame.
  • Special objectives (optional): Compromise the crown jewels, access the database or secret documents.

The process and identified weaknesses will be documented and delivered in a report and a presentation. When the issues have been resolved or mitigated, we usually conduct a verification test and review the report accordingly.

Security awareness

To better protect your assets you need to make sure your users are aware of security risks and know how to avoid common pitfalls. We therefore offer a range of training courses, presentations and workshops, often in conjunction with practical exercises such as phishing campaigns, technical labs and threat modeling sessions. We teach best practices for securing networks and applications as well as security testing methodology.

Threat Landscape Assessments

Knowing your internal IT infrastructure is one thing, but knowing your online footprint, what you as an organization expose to the world within reach of any cunning Open Source Intelligence (OSINT) analyst, is also crucial to keeping your assets secure. We regularly perform Threat Landscape Assessments (TLAs), which are a good measure of an organization's exposure and online security posture; they are quick and efficient, especially when performed on a regular basis.

General advisory

We are often tasked with giving our opinions on best practices and how to address discovered security issues in an advisory role. Our expertise in network security, Windows/Azure domains, server hardening and more can be utilized on a wide range of questions.

Contact us if you are interested in our services regarding IT infrastructure security.