Advanced technical security risks management services provided by our experienced, highly  professional team ensure, that

• identification of technical information security risks is thorough and complete
• their detailed analysis establishes the real sources and impact of all uncovered problems
• the prioritisation of risks leads to creating an effective bespoke risk reduction plan
• the resolution of risks according to this plan brings their timely elimination or mitigation
• vigilant monitoring of all technical information security risks is continuous and uninterrupted

This means all your IT security worries are fully addressed in a timely manner.

These risks can arise from outsiders with no access (a typical cybercriminal), or from legitimate access provided to customers, telecommuters, partner organisations or vendors being abused. Hence, when performing external security assessments Arhont can take either a Black Hat (no access and minimal information about the auditee provided), a Grey Hat (unprivileged access and limited information about the auditee provided), or a combined approach. 

External information security assessments provided by Arhont typically amount to a full penetration test using both industry standard and proprietary automated and manual testing methodologies, and privilege escalation if perimeter breach is achieved. Upon the assessment completion, a detailed report complimented with an in-depth risk analysis and description of flexible, affordable solutions for every uncovered issue (prioritised within the supplied risk reduction plan) will be produced. If needed, our specialists can assist your team with these solutions implementation and further re-test to verify their effectiveness. 

This amounts to establishing potential damage an internally connected attacker can do, and verify effectiveness of countermeasures in place to stop this from happening. Internal technical security aspects are frequently overlooked with network defences centred exclusively at it's perimeter, which is a violation of a whole concept of modern multilayer defence. There is little point in reinforcing city walls and gates if the enemy is already within. 

There are many scenarios in which attackers already have local access to internal resources. Typical cases include disgruntled employees or contractors, industrial espionage, physical intruders, wireless attackers, and hackers who managed to breach the secure perimeter. The latter does not always presume successful frontal attack against perimeter defences: there are many lateral ways to establish a foothold without even touching them. These ways may involve client-side attacks against web browsers, malware spreading through e-mail, instant messengers and other networked applications, or via removable media and mobile devices, and social engineering of all kinds. Hence, security-vigilant organisations should be prepared to face attackers on their own ground within secure network perimeter.

An internal security audit emulates various types of internal attacks with an aim to check and improve this level of preparedness. As such, the internal assessment is a logical continuation and culmination of all other audit types, including physical, wireless and social engineering testing. However, due to the nature of assessment when auditors have full access to internal networks, additional network- and system-centric testing methodologies are used to establish relevant risks. 

These are particularly relevant for online retailers and service provisioning companies, however more and more organisations from all backgrounds heavily rely upon web applications and portals to support key business operations.

Application security testing is the process of actively evaluating software to ensure that it has been designed, produced, tested, configured and deployed according to the best up-to-date software development security practices and recommendations. All elements of the assessed applications are analysed for various security-relevant design weaknesses and configuration flaws at the exposed interface and within the code itself. Then the real impact of any uncovered issues is evaluated, and thorough analysis of associated risks and the means to mitigate them is performed.

Our specialists take systematic step-by-step approach to find and document as many software security gaps as possible while avoiding false positives. We analyse application architecture, logic, running environment, authentication, session and user management, input/output validation, and more employing a variety of advanced proprietary and industry standard (such as OWASP) techniques.  

Modern wireless security flaws often lead to the following problems:

• side channel access to internal corporate networks and systems completely bypassing the secure perimeter
• access to end-user systems used for business and any data they store. This is particularly relevant for employee-owned devices, and for systems used by staff on business trips
• access to home wireless networks used by telecommuters/remote workers. Often such employees have VPN access to internal corporate networks, and once their home wireless is compromised full unauthorised access to internal corporate resources is gained
• access to sensitive corporate data if transmitted via untrusted wireless links (such as airport hotspots used by business travellers)
• access to critical corporate systems which depend on wireless connectivity for their operations (CCTV, SCADA, environment controls)

The main differentiator of wireless security audits from their wired infrastructure assessment counterparts lies in a blurred perimeter of wireless networks (hence its neither external nor internal!), and in a necessity to understand wireless communications and specific wireless network and security protocols by the auditors.

Being pioneers of wireless security and authors of the very first book on wireless penetration testing, Arhont can offer comprehensive wireless security assessments uncovering any related risks and offering realistic mitigation solutions. Even if a company does not officially use any wireless networks, it does not mean it is not subject to wireless security risks unless it bans all wireless-enabled devices, does not have remote workers, and does not send staff on business trips. So, having at least a snapshot wireless security audit is a good way to ensure that your sensitive data are not leaking out via wireless security gaps, and such gaps can not be abused to obtain difficult-to-detect side channel access to your internal resources.

Our experts can assist you with collecting, analysing and reporting on digital data in a way that is legally admissible. This service can be used not only in detection, investigation and prevention of cybercrime, but also in any dispute where evidence is stored electronically.

More recently, commercial organisations have extensively used computer forensics and related incident management services to their benefit in a variety of cases such as

• Intellectual Property theft
• Industrial espionage
• Employment disputes
• Fraud investigations
• Forgeries
• Bankruptcy investigations
• Inappropriate computer and Internet use in the work place
• Regulatory compliance

Arhont will not only assist you with correctly identifying the root cause of a security incident, its perpetrators and their specific actions, as well as with gathering, handling and submitting digital evidence without chain of custody violations. We see each incident as a straightforward demonstration of an existing information security risk and will work with your company to reduce it so that similar incidents will not happen in the future.