Project Overview

The request was to perform penetration test and Vulnerability Assessment on the company technology and certain process control network. First step was to review all the implemented technology and software’s documentation for the company, which included all the policies and procedures, switch, router,network architecture, firewalls and their configurations.

Challenge

Cyber Security Controls against cyber attacks

The company has just experienced a cyber attack and there was an immediate need to inspect all network enabled devices to enhance the protection of the online services and network devices against cyber attacks; to identify all web applications security vulnerabilities and implement mitigation controls.

Solution

The security testing model was based on the OWASP security testing guidelines, which includes, discovering all vulnerabilities in all identified online web and application servers with the use of known automated tools and security scripts. Network scan to identified all opened ports, including the use of default password credentials on applications and network devices.