Case Study » Identification and Exploitation of Vulnerabilities for a Federal Client
To maintain accreditation and an authority to operate with Dept. of Defense, DHS, and TSA agencies while ensuring a secure cybersecurity posture and healthy cyber hygiene.
Identification and exploitation of vulnerabilities within agency systems, including servers, workstations, databases, network devices, and appliances. Automated and manual processes were used to assess all agency system components through a detailed penetration testing methodology.
Reconnaissance and discovery activities outline the assets within a system and network to provide a baseline of attack vectors, and they serve as initial sources for information gathering in order to provide a real-world representation of an agency system or network. All hardware, software, operating systems, appliances, and network devices are enumerated with their corresponding ports, protocols, services, applications, databases, web servers, middleware, browsers, and other pertinent information. This allows for the detailed configuration of automated vulnerability scanning tools. Vulnerability and configuration scans are then conducted, using the enumerated asset information, to identify known vulnerabilities and hardening misconfigurations. The methodology supports diverse and large networks by allowing for the efficient and effective segmentation, organization, and management of assets and vulnerabilities. A manual review of automated vulnerability scan results was performed to discern valid findings from false positives. This method effectively prioritized vulnerabilities for remediation by the agency. The agency was provided with the known and exploitable critical vulnerabilities that must be mitigated immediately to maintain an acceptable security posture.
In addition, a documentation review was performed of the system design, functionality, data flow, security, and other operational processes including but not limited to Disaster Recovery, Business Continuity, Redundancy, Physical Security, Personnel Security, Access Control, Media Protection, Incident Response, and System Integrity. This review identified gaps in compliance and other agency-based requirements while providing recommendations on process and procedure improvements.
Physical security assessments on system assets were performed to ensure proper access, environmental, and security controls were implemented. Limitation of access and the implementation of detection and deterrent security controls are necessary in the detection, deterrence, and response to external and internal threats.
Movel has broad expertise in cybersecurity, threat assessment and management and is an expert in application development security. We were chosen due to the domain and technical expertise and the cyber qualifications of our team.
The client received a holistic assessment and report of the security posture of the agency networks and systems. System authority to operate on agency networks was successfully obtained through remediation of vulnerabilities identified during the effort.