SecureTriad operates under a structured methodology. This method of operation ensures that our assessment is reliable, reproducible, and easy to understand. We can help your team verify our findings, and then retest to confirm that remediation has worked. To produce these results, we follow the steps below:
We define a clear scope of work before conducting a web application assessment. We encourage open and clear communication between us and your organisation to establish a solid foundation for the duration of the project. As part of defining the scope, we:
• Determine the applications and/or domains that are to be scanned/tested.
• Make exclusions from the assessment known (specific pages/subdomains).
• Decide on the official testing period.
We collect as much information as possible about the target by employing a range of OSINT (open source intelligence) tools and techniques. The gathered information helps us to understand the operating conditions of the organisation, which in turn allows us to assess risk accurately as the engagement progresses. Intelligence gathered might include:
• PDF, DOCX, XLSX, and other files exposed over the internet.
• Previous breaches/credential leaks.
• Revealing forum posts by application developers.
• Exposed robots.txt file.
At this stage, we use automated scripts and tools, among other tactics, for more advanced reconnaissance. We closely examine every possible attack vector. The information collected in this stage forms the basis for exploitation in the subsequent phase. This process involves:
• Enumerating subdomains/directories.
• Checking cloud services for possible misconfigurations.
• Associating known vulnerabilities with the application and relevant services.
Using the collected data, we begin to exploit vulnerabilities found within the web application. Testing is done cautiously and with care to protect the application and its data, while still verifying that the vulnerabilities actually exist. At this stage, we perform attacks such as:
• SQL injection, Cross-Site Scripting (XSS) and Remote Code Execution, to name a few.
• Employing breached credentials and brute force tools against authorisation mechanisms.
• Monitoring web app functionality for insecure transport layer protocols and functions.
After completing the assessment, SecureTriad provides an assessment report which includes an executive summary and technical findings. The executive summary is written for management consumption and is a high-level overview of assessment activities, scope, the most critical issues discovered, and overall risk scoring. We also include strategic recommendations to assist business leaders in making informed decisions regarding the application. The technical findings list each vulnerability individually, with the steps and screenshots needed to reproduce the issue, an explanation of the potential risk, recommended remediation actions, and helpful reference links.
On client request, SecureTriad may conduct a retest of the application after your IT team has patched the vulnerabilities. This confirms that the changes were implemented correctly and that the identified risks have been eliminated.