In addition to all other established security measures such as firewalls, network zoning, Endpoint Detection and Response (EDR), BCM and ITSCM plans and concepts as well as (ISO) audits and others, penetration tests and security assessments of your IT infrastructure are of central importance. They provide clear insights into whether there are generally known or previously unknown vulnerabilities in your infrastructure. This is checked in network/security infrastructure tests by specialists using a standardized and structured procedure.
A security scan, also known as a vulnerability scan, is suitable for on-premise infrastructures, in the cloud or even in hybrid scenarios. In particular, it can help identify vulnerabilities on a large number of systems, in entire networks, network segments or individual IP address ranges. In addition, a discovery scan can uncover systems and/or services that have not been inventoried, and even misconfigurations in firewalls can be detected.
For vulnerability scans, automated test software is used, which is parameterized by our specialists according to your needs. Mainly unprivileged scans and, if required, privileged scans are carried out to uncover generally known vulnerabilities on a large number of systems in a short time. Depending on the number of systems and the risk assessment, a subset of the results can be further analyzed manually.
Oneconsult offers both scans over the Internet to simulate an external attacker, as well as from internal networks to identify vulnerabilities that can be exploited by an internal attacker. The tests can be carried out remotely (with appropriate access to the relevant networks, for example via VPN) or on-site.
Within the network and security infrastructures, Oneconsult tests various systems and components in order to check for vulnerabilities and their particular security aspects. These systems include, for example, network switches, network management consoles, virtualization solutions, IDP and IPS systems, backup solutions, system and configuration management solutions, IAM systems, and other solutions. The procedure is based on security scans; the depth of testing and the tools to be used are specially selected depending on the test object. In addition, you will be shown whether the configuration of the systems can be manipulated and whether the protocols or encryption algorithms meet current requirements.
Firewalls are the most obvious components of IT security infrastructures. Nevertheless, configurations or rulesets often do not, or perhaps no longer, meet expectations. “Historically grown” access control rules, increasing complexity due to hybrid scenarios, and often unclear allocation of responsibilities can lead to undiscovered loopholes for cybercriminals.
With the firewall security assessment, you gain an overview and potential security gaps, or misconfigurations are uncovered. Oneconsult uses automated tests, manual analyses, collaborative configuration checks, and concept reviews (target-actual comparison) to assess the effectiveness of your firewalls, product-independent and with a focus on security.
Wireless networks have become indispensable and are very exposed, as attackers usually do not need to be on the company premises physically to connect to an access point. This makes the use of suitable measures to prevent unauthorized access and connections all the more important. During the WLAN security assessment, your wireless networks with IEEE standards 802.11 and their use are analyzed by means of hardware and software-based scanners, rogue access points and configuration reviews. The focus is on authentication and encryption as well as client-side configuration and the handling of credentials.
Cybercriminals continue to use simple emails as a gateway to facilitate cyberattacks. The email infrastructure must therefore be specially protected and configured accordingly, and email security measures must be regularly adapted to current threat scenarios. Spam, malware and content filters are the norm today, but many other measures are required to keep security in this area as high as possible.
Whether on-premise email systems (e.g. MS Exchange) or cloud-based (e.g. Exchange Online / M365), the specialists at Oneconsult check the configuration and effectiveness of the implemented protective measures end-to-end and you receive specific recommendations to improve your security.
In addition to the email security assessment, which primarily checks the mail infrastructure and the mail clients used, please also note the offerings in the area of phishing or spear phishing and awareness campaigns.
Communication via VoIP or Unified Communication (UC) solutions is now widespread and highly exposed. Eavesdropping attacks have always been popular and are becoming easier and more cost-effective with the increasing possibilities of AI. VoIP/UC security assessments offer a comprehensive evaluation of your systems by analyzing and evaluating network traffic, protocols, log data as well as other data. With additional configuration reviews and automated tests, exploitable vulnerabilities and misconfigurations are identified and evaluated. Oneconsult is fully independent of manufacturers and focuses on validating whether implemented hardening and security measures are effective or advises you on the security relevance of configurations.
Remote access is widely used in various forms. As practical and necessary as these accesses are for retrieving your internal and sometimes highly sensitive data, they are also popular with cyberattackers. Security is therefore of central importance for remote access solutions.
A remote access security assessment helps you to verify that authentication, authorization and encryption meet the highest standards and cannot be circumvented or manipulated. A great deal of attention is also paid to whether unauthorized access to applications and systems is possible by exploiting the remote access solution (lateral movement, privilege escalation, etc.). Automated tests, but above all individual manual analyses and configuration reviews are carried out. A precise definition of the test object and the test depth during scoping and at the kick-off is essential, as the boundaries (client – remote access infrastructure – authentication solution – target systems – end applications, etc.) are not clear-cut and depend on the complexity of the infrastructure. The specific issues that need to be clarified can also vary greatly.
With Oneconsult Network/Security Infrastructure Testing, you can find out to what extent you have vulnerabilities under control and which security gaps still exist. Our comprehensive testing and analysis identifies potential security risks, vulnerabilities and threats in your network and security infrastructures so that you can fix them before they can be exploited by cybercriminals.
Don’t miss anything! Subscribe to our free newsletter.
Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).
Private individuals please contact your trusted IT service provider or the local police station.
For more information about our DFIR services here:
