Detailed Scope of Work
3.1 Security Domain Vulnerabilities to be tested
The following security domain vulnerabilities will be tested with different severity level outcomes.
- Cross organization security governance, policies, procedures and awareness
- Security operations, monitoring and incident response
- Network level security
- Servers, network equipment and endpoints security
- Application level security
- Sensitive data and information management
- Identity management and remote access
3.2 Penetration Test(s)
- SQL Injection in login page – SQL Injection is an attack that allows an attacker access to an application’s underlying database.
- Application user has excessive privileges – The database application user has DBA privileges
- Unrestricted file upload – Unrestricted file upload allows an attacker to gain arbitrary code execution on servers.
- Administrative password reuse – Local administrator user passwords are re-used on Windows workstations in the DMZ.
- Vulnerable unpatched technology – Vulnerable entities are exposed in the corporate network
- Insufficient network segregation – An attacker is not hindered by network restrictions when moving in the network
- Sensitive information not encrypted in config file – Cleartext database user passwords are found in the web application’s configuration file
High risk maintenance procedures – There are active domain admin sessions in various endpoints across the network
Insecure Internet connectivity strategy – Endpoints in the internal network can use DNS to resolve internet hostnames without any restriction