On project initiation, we collect the scoping/target information from your organisation. This information includes the IP addresses, URLs, definition file or documentation for all endpoint definitions, authentication credentials, and API tokens related to the target.
In this phase, we gather as much information as possible about the target using publicly available resources. We then crawl the web service using a combination of manual and automated tools and analyse the service paths within scope. The goal of this phase is to identify any sensitive information that can be leveraged in later phases to compromise the web service/API.
This phase encompasses the enumeration of the target web service and/or API on both the application and network layers. We then perform active scanning and manual review of the exposed endpoints to determine their business functionality and to identify the unauthenticated and authenticated endpoint attack surface. An application proxy is used to intercept normal web service/API interactions for all in-scope endpoints. Packet-level traffic and response headers are also analysed.
In this phase, we attempt to exploit the vulnerabilities identified in the previous phases of the assessment. This step helps to determine the realistic risk level associated with successful exploitation of each vulnerability and to validate whether any mitigating controls are already in place.
After completing the assessment, SecureTriad provides an assessment report that includes an executive summary and technical findings. The executive summary is written for management consumption and gives a high-level overview of the assessment activities, scope, most critical issues discovered, and overall risk scoring. We also include strategic recommendations to assist business leaders in making informed decisions regarding the application. The technical findings list every vulnerability individually, with the details and screenshots needed to recreate the issue, an explanation of the potential risk, recommended remediation actions, and helpful reference links.