Penetration
Testing &
Red Teaming

Our Red Team has extensive experience in the simulation of various threat actors. These range from simple “script kiddie” attacks to highly complex vulnerability chaining for attacks at the “nation state” level. Close, continuous cooperation with the internal Blue Team and the implementation of impromptu crisis management exercises at InfoGuard’s Cyber Defence Centre have resulted in a unique wealth of experience for particularly complex and well-shielded environments. The attacks have already gone so far as to exploit vulnerabilities that are still unknown to the public (development of so-called zero-day exploits). This has made it possible to bypass state-of-the-art security appliances and achieve a breakthrough in high-security environments. Our individual team members have wide-ranging and deeply specialised expertise (e.g. from BlueTeam/RedTeam dual roles, forensic analyses, reverse engineering, cryptography or exploit development), producing a unique combination of offensive and defensive IT security.

Many companies want to test the effectiveness of their own security infrastructure by simulating an attack – i.e. assuming that an attacker is already in the internal network (known as an “assumed breach”). Our internal attack simulation is based on a fictitious security incident and focuses in particular on the Active Directory (AD), which is a central pillar of the infrastructure. The approach not only covers threats from internal actors, but also takes into account the risks posed by compromised user accounts or infected clients. Specific scenarios are selected, such as the use of a client VPN on a customer laptop or a connection via the Virtual Desktop Infrastructure (VDI), which meet the customer’s technological requirements. This simulation aims to provide an accurate picture of possible vulnerabilities and delivers concrete measures to optimise security.

The threat of cyberattacks has become one of the most pertinent risks for the financial sector in recent years. To guard against attacks, it makes sense to comply with current cyber security standards and to check their effectiveness periodically using penetration tests. To enable these tests in a standardised form in Europe, the EU central banks have created TIBER-EU (Threat Intelligence-based Ethical Red Teaming), a uniform framework for threat-based penetration tests.
With our TIBER-EU red teaming penetration test, we check your live systems against the requirements of the directive. The motivation for a TIBER test is not to ensure the successful defence against an attack, but to identify vulnerabilities in your own defence mechanisms and measures. A TIBER test tells the company how attackers could operate successfully, enabling the company’s own cyber resilience to be improved accordingly.

The internal/external penetration test checks which exposed systems can be identified by means of a detailed collection of information. Lucrative targets or weak systems (such as vulnerable web applications or outdated services) are known and can be analysed in further steps. This identifies strengths and vulnerabilities, assesses the risk situation and recommends specific measures to reduce or eliminate any vulnerabilities.

This audit involves a technical review of the infrastructure. This involves verifying whether technical or configuration vulnerabilities exist that would allow an attacker to gain initial access to the internal network – or to control internal IT systems from the Internet (C2), or to steal data undetected. The test catalogue developed by InfoGuard is based on recognised security standards such as the “Center for Information Security” (CIS) benchmarks and the Microsoft Security Baselines.

We test your IoT/ICS and/or SCADA infrastructure. The strengths and vulnerabilities of the individual components are checked, the risk situation is assessed and specific measures are developed to reduce or eliminate any vulnerabilities. The audit ensures that the systems used are sufficiently secure to withstand a cyberattack.

The Active Directory is the central location for managing network resources, user objects and authorisations. Security gaps and potential vulnerabilities within the configuration can have a major impact on your cyber security and increase your susceptibility to cyberattacks. Our Active Directory Assessment is the perfect solution for identifying any security gaps and risks. The Active Directory settings in your company are fully checked for security issues and the results analysed by the designated specialists and then discussed with you in detail. You’ll receive specific optimisation suggestions and recommendations to ensure a secure AD configuration in your company.

Our source code review identifies errors that are difficult or impossible to find in black box or grey box tests. Our experienced pentesters are aware of the typical implementation and design errors and carry out a thorough code review. Checking the source code not only shows which instruction in which line of code is vulnerable, but also which variable caused the vulnerability. This gives the application developers a comprehensive picture of the individual vulnerabilities so that they can be eliminated in a targeted manner.