WE CONDUCT BOTH AUTHENTICATED AND UNAUTHENTICATED VULNERABILITY SCANS
AUTHENTICATED & UNAUTHENTICATED VULNERABILITY SCANS
There are multiple types of vulnerability assessments that can be conducted on your networks. The two major types are authenticated vulnerability scans and unauthenticated vulnerability scans:
Unauthenticated vulnerability scan: This type of scan covers the portions of a network that can be accessed by an unauthenticated user, such as an external cyber-attacker.
Authenticated vulnerability scan: This type of scan focuses on areas of the network that a logged-in, authenticated user can access, and is used to conduct a more detailed, widespread assessment as well as to determine the threat level of a malicious internal threat.
AN UNAUTHENTICATED VULNERABILITY SCAN COVERS THE AREAS OF THE NETWORK THAT CAN BE ACCESSED BY A NON-LOGGED-IN USER
Unauthenticated users can only access certain, basic areas of any corporate network. Outside of malicious internal threats, cyber-attacks generally come from outside of a network, and thus require a hacker to utilize session hijacking, man-in-the-middle attacks, code injection, or malware (such as rootkits and backdoors) to become an authenticated user. This allows them to access databases, information, resources, servers, files, etc.
Along with pivoting through different systems, a cyber-attacker can use rootkits and tools for privilege escalation to gain access to other, more sensitive systems, all from initially being an unauthenticated user on the outside of a network.
As can be seen, unauthenticated users may be able to initially access only limited parts of a network, but can still represent a very real threat to your business infrastructure. As noted by David Shephard and according to the 2014 U.S. State of Cybercrime Survey, over 50 percent of organizations reported that cyber-crimes from outside sources were the most damaging, though malicious internal threats often represent a large portion of the cyber-criminals that attack businesses.
During an unauthenticated vulnerability scan, our security engineers start with little knowledge of the system being tested and use normative footprinting methodologies to obtain information on the organization and to discover as much about the network as possible. This usually entails using Google, Google dorks, WHOIS and other resources such as dig to obtain DNS information, emails, IP addresses, policy information, etc.
Along with a port and vulnerability scan, these steps offer a good simulation of what an attacker could potentially expose about a business system in order to exploit it.
AN AUTHENTICATED VULNERABILITY SCAN UNCOVERS POTENTIAL VULNERABILITIES THAT A LOGGED-IN USER COULD EXPLOIT
An authenticated vulnerability scan represents the perspective of a logged-in, authenticated user with internal knowledge of and access to the system, which allows for a more direct approach. This method of scanning allows for the utilization of more network ranges, including VLANs, subnets, host systems and other IP addresses usually associated with the purview of an authenticated user.
Going back to offensive security methodologies (comprising footprinting, port and vulnerability scanning, exploitation, and post-exploitation), authenticated vulnerability scanning allows our security team to focus less on the discovery phase of the offensive security methodology and more on the vulnerability assessment and identification phase.
Together, unauthenticated and authenticated vulnerability scans provide a comprehensive security overview of how well your business network will stand up against an external or internal threat, and allow you to ascertain the different attack patterns associated with internal and external threats and, consequently, how to harden your systems to ensure complete data security.