Detailed Scope of Work

3.1 Security Domain Vulnerabilities to be tested

The following security domain vulnerabilities will be tested with different severity level outcomes.

  • Cross organization security governance, policies, procedures and awareness
  • Security operations, monitoring and incident response
  • Network level security
  • Servers, network equipment and endpoints security
  • Application level security
  • Sensitive data and information management
  • Identity management and remote access

3.2  Penetration Test(s)

  • SQL Injection in login page – SQL Injection is an attack that allows an attacker access to an application’s underlying database.
  • Application user has excessive privileges – The database application user has DBA privileges
  • Unrestricted file upload – Unrestricted file upload allows an attacker to gain arbitrary code execution on servers.
  • Administrative password reuse – Local administrator user passwords are re-used on Windows workstations in the DMZ.
  • Vulnerable unpatched technology – Vulnerable entities are exposed in the corporate network
  • Insufficient network segregation – An attacker is not hindered by network restrictions when moving in the network
  • Sensitive information not encrypted in config file – Cleartext database user passwords are found in the web application’s configuration file

High risk maintenance procedures – There are active domain admin sessions in various endpoints across the network

Insecure Internet connectivity strategy – Endpoints in the internal network can use DNS to resolve internet hostnames without any restriction