NetSPI's approach for assessment services uses multiple automated tools to gather findings and other information, supplemented by manual testing and review by consultants with expertise in doing high-level assessment project work. By themselves, automated tools lack the ability to accurately identify flaws that can present real business risk to companies. That's why NetSPI combines those tools with attacks, analyses, and verifications by our expert consultants.
This approach integrating automated tools and manual testing by experts is incorporated into NetSPI's overall Assessment Methodology
NetSPI assessment services are based on a structured and proven process. A service begins with information gathering, where we learn about your organization, define project scope and requirements, and research the systems to be analyzed. We then conduct testing and evaluation to identify security risks. Using our proprietary tool, Correlated Vulnerability Management (CorrelatedVM), we analyze the data we have collected and generate a series of reports. Working in collaboration with you, we interpret the results in these reports against your requirements. Finally, our senior consultants document the analysis and present it to your organization.
Tools We Use
NetSPI uses a comprehensive set of best-of-breed tools for its extensive evaluations. In addition to a wide array of commercially available and open source tools, NetSPI also employs a variety of internally developed tool, including comprehensive program guides to help clients get through assessments with consistent, high-quality results. This appendix lists some, but not necessarily all, of the internal tools NetSPI uses during assessments. Additional tools may be used to further investigate specific operating systems, applications, and the vulnerabilities found over the course of NetSPI's evaluation.
NetSPI's proprietary platform CorrelatedVM (Correlated Vulnerability Manager™) assures the most comprehensive and accurate vulnerability assessments available in the market today. Using CorrelatedVM, NetSPI consultants streamline the more rudimentary and mundane - yet no less important - assessment tasks like automated scanning, data aggregation and correlation, trending and reporting - which allows more time for targeted manual testing, business logic application, verification and analysis.
From a single dashboard, NetSPI consultants use CorrelatedVM to aggregate data from a variety of different automated toolsets (including Rapid7, nCircle, Nessus, Nmap, custom scripts, etc.) and collect information across your network and application infrastructure. The data is then efficiently normalized and correlated for quick reference and analysis by manual testers. Automating these key functions allows NetSPI consultants to perform multiple scans with multiple tools in the same time most vendors need to scan once and analyze the data. NetSPI consultants thereby collect more data points and create more context than other vendors.
The voluminous data collected and organized by CorrelatedVM is automatically de-duplicated, categorized and associated with its proper risk rating and remediation strategy. The single dashboard allows NetSPI consultants to quickly pick out false positives, identify potential false negatives and immediately drill down into anything suspicious (e.g.: one tool identifies a specific vulnerability which another tool does not). After expert manual verification of all results and additional creative testing, NetSPI consultants can then input the results of their manual testing into CorrelatedVM for additional correlation, to identify new vulnerability patterns or exploit vectors.
Proprietary Tools and Techniques
NetSPI may use some of the following tools during certain assessments:
Penetration Testing Techniques - NetSPI has developed a number of proprietary techniques and tools that allow for the identification of system and application entry points, faster privilege escalation, and gathering of evidence in less time. The majority of the techniques leverage native operating system and application technology which provides NetSPI with the means to perform penetration testing with low risk to the target environment.
NMapper - NMapper is an extension to Nmap port scanner that automates, schedules, and streamlines the scanning and exporting of port scanning results
Enhanced Discovery Suite - NetSPI custom built application which conducts DNS scans, port scans and gathers SSL certificate information to generate a comprehensive list of web sites hosted on target IP addresses
Thunderclap - A cloud-based agent used for incident response training and infrastructure stress-testing
Social Engineering Tools - NetSPI combines custom email address harvesting scripts, email spoofing scripts, and phishing susceptibility pages to test an organization's susceptibility to a targeted email phishing attack
Host-based Assessment Scripts - NetSPI has developed custom scripts to report security configuration vulnerabilities on numerous platforms, including:
- Microsoft Windows
- Device configuration probes for CheckPoint and Cisco devices
- 3rd Party Tool Enhancements
- Custom Nessus plugins
- Custom Metasploit plugins
Information Gathering Scripts - In order to more accurately detect an organization's internet footprint, NetSPI has developed scripts to identify a organization's inbound and outbound links and references.