Services

Security Assessments

Is Your
Network
Secure?

Find out now with Loki Labs security assessments. Assessments are personalized for the needs of your organization, and can be adjusted to fit your requirements for scope, depth, and urgency.

The sections below will help you understand your options and the services we can provide. We want you to be confident in your decisions and are more than happy to take the time with you to ensure we accomplish these things together.

The Process

How it Works

The first step is finding your end goal. Every organization has a different reason for testing their network and Loki will focus on that in order to figure out the type of assessments you actually need. We will help you decide which tests are necessary then quickly provide a straight-forward quote for the project.

For a true security assessment, we matched our testing options to phases of the hacker methodology. There are various models but most of them agree on four initial phases:

  • Reconnaissance
  • Scanning and enumeration
  • Gaining access and privilege escalation
  • Expanding access

We follow a similar phased approach then follow it up with additional stages for clean-up, reporting, remediation, and on-going support.

EXPLORE OUR PHASES AND OPTIONS

Reconnaissance

This is an optional Open Source Intelligence (OSINT) Information Gathering stage where our team discovers your organization’s digital footprint by gathering as much data as we can using publicly available resources. This recon phase makes the difference between a “black box” or “white box” test.

This can take a bit of time to do thoroughly but can yield a wealth of information that could be used by an attacker for targeting your operations and personnel.

Vulnerability Assessment

Scanning and Enumeration

Using automated tools and manual processes, we scan for exposed ports and services, known vulnerabilities, misconfigurations, and deviations from industry standards and best practices.  We look for the vectors that could give an attacker the opportunity to access your networks, data, or users.

We can run a vulnerability assessment for a project as small as one web application or as large as your entire network. Just give us an estimate of how many and what kind of devices we’ll be evaluating, and if there is anything that is off-limits during the test.

Web Test Options
  • Website Mapping
  • Web Application Enumeration
Network Test Options
  • External Network Scanning and Enumeration (Internet-facing and/or DMZ devices)
  • Internal Network Scanning and Enumeration (LAN or intranet devices)
  • Wireless environment sampling and analysis (Wi-Fi, etc.)

Exploitation

Gaining Access, Privilege Escalation, Expanding Access

In this phase, we gain access by leveraging previously discovered vulnerabilities, just like an attacker would. Depending on the services you choose, we can attempt to gain access from the internet, from inside your network (like an insider threat), using social engineering against your personnel, or physically entering your facilities. We can also audit your security policies and review code exposed during this phase.

  • Red Team Assessment
  • Exploitation
  • Physical Security Test
  • Social Engineering / Phishing Test

Clean-up and Reporting

Included with every Security Assessment

We understand the importance of maintaining business productivity. Loki’s team of security engineers have years of experience performing security tests on critical systems with minimal impact to daily operations. At the end of any evaluation, we will remove all tools or appliances that were used, leaving things as we found them.

After finishing all phases of the assessment, we will provide you with a detailed report of what we did and what we found, as well as suggestions for remediation of any security concerns. Our reports are exhaustive –with guidelines and recommendations for fixing identified vulnerabilities.

Remediation and Ongoing Support

What good is a security assessment if you’re left without a resolution? If you opt for remediation verification, Loki will work with you and your team to verify that vulnerabilities are fixed and no longer usable by an aggressor. We will retest the issues we found in our original evaluation once you have had a chance to fix things up. We’ll also provide you with an updated report of our findings and suggestions.

We can present our findings in a report or deliver them to your personnel in-person, as part of a training session to help you maximize the impact of what we’ve learned about your cyber security posture and help you to better prepare for the future.

If you are interested in on-going 24/7 monitoring of your networks, we also offer Managed Security Services. This allows those same world-class cyber operators that conducted your Cyber Security Assessment to watch for threats as they emerge, and react before your organization becomes a cyber crime statistic.

Our options for this phase are:

  • Remediation Verification (Retesting)
  • Training
  • Managed Security Services

Black Box, White Box, Red Team, Pen Test

No, this isn’t a Dr. Seuss book

Black Box vs. White Box

Our security evaluations can begin with different levels of knowledge about your organization, network, and systems.  In a “black box” scenario, we don’t know much more than the name of your company and the conditions of the testing we are to perform.  We follow established hacker methodologies to gather as much information as we can from all available resources, just the way an attacker likely would.  This reconnaissance phase can be a bit time-consuming, but can offer a very good idea of what information is openly available about your organization, its resources, and personnel.  It is often eye-opening to realize what information is open to the public, or what employees give away on forums and social media.  These pieces of information could be leveraged to gain further access, when pieced together by a determined attacker.  We will then verify the data we collect about your organization and networks with you, before continuing with our security assessment.

In a “white box” scenario, you provide details about your network to facilitate our evaluation, in lieu of the initial reconnaissance phase, or in situations were our “black box” evaluation did not provide enough information for us to continue to conclusion.  This can save time, or could be used to set up a specific test condition or scenario, but may require you to do a bit of work to gather that information.  We may also provide you with software to install on a machine inside your network, or provide you with an appliance for the duration of the assessment, so that we can evaluate your internal networks.

Red Team, Pen Test, or Vulnerability Assessment

Loki Labs can provide a full range of cyber security services for clients of various sizes to suit needs of vastly different scales. It’s important to set the scope, based on your needs, at the outset when requesting services. For government clients, or larger companies with dedicated cyber security teams, we offer Red Team services. In those engagements, we can emulate a specific threat, such as a nation state actor or cyber criminal organization, utilizing representative tools and techniques to survey and breach a network. The purpose of this is twofold. Firstly, it is to evaluate the security of the network. Secondly, it is to evaluate the capabilities and response of the cyber security personnel (blue team). We are capable and experienced at providing this service, however, it may be more than is really necessary for clients without a dedicated defensive team, or for situations were a more tailored approach is needed.

We can offer similar services with a penetration test but in a shorter time frame and without threat emulation. We follow a methodology similar to what a hacker would use to probe your network for vulnerabilities and attempt to gain access using our standard tool kit. If exploitation is authorized, we will use tools to gain and expand access into the network, just as a hacker would do. We make every attempt to prevent system instability, though there is always some risk when using exploits. This; however, is the most thorough way to detect and verify vectors for potential compromise. Of course, this doesn’t have to be “all or nothing”. There can be set conditions where exploitation is authorized when a tailored approach is desired.

In a vulnerability assessment, we don’t use exploits to attempt to gain access. We probe the network to find potential vulnerabilities and gather as much information as possible, but don’t progress past that stage. While not as thorough as a full penetration test, it has a much lower risk of causing system instability and can still be very helpful in finding and fixing potential access vectors.

At any scale, we provide a detailed report after the evaluation concludes.  This report details all findings and provides suggestions for taking action to correct any security issues.