Penetration test service normally focuses on specific asset or target such as web/mobile application and doesn't cover assessment of the IT infrastructure of an organization. For this reason, penetration test alone cannot provide extensive visibility of security threats that are coming from many different angles.
Scenario-based Penetration Test service provided by ECQ helps address the issue of limited threat visibility by simulating attacks from an external, internal, and rogue user point of view. Utilizing the same Tactics, Techniques, and Procedures as of real world advesaries or APT attackers, Scenario-based Penetration Test can be thought of as a lighter approach to Adversary Simulation where attacks are conducted based on each specific scenarios and require shorter execution time.
In External scenario, ECQ analyzes all possible attack vectors from an adversary point of view and execute all necessary hacking techniques to establish initial foothold to the target network.
ECQ also simulates attacks originating from external branches or partners' network to help an organization understand better the threats that are coming from a compromised system of a remote branch or third-party vendor.
Internal scenario penetration test helps an organization evaluate the risks of having a compromised system in the internal network and validate the effectiveness of internal security controls such as SOC/EDR/IDS.
In this scenario, ECQ uses its laptop to connect to any LAN point or WiFi network provided to attack and perform lateral movement. The objectives here are to gain administrative controls of the Domain Controller and breach mission critical systems of the target organization.
Credential or Valid Account scenario penetration test requires the Consultant to use a valid domain credential in an internal security assessment to try infiltrating deeper to the mission critical network segments via any LAN point or WiFi provided.
The objective of this scenario is to help an organization discover insecure trusts, excessive privileges, leakage of sensitive information, and weak security controls.
In this final scenario, ECQ tries to gain local access to the laptop or workstation provided; and if successful, escalate privilege to become the local administrator. This machine is then used to test installing unauthorized software and bypassing internal security controls.
This type of assessment helps evaluate security controls and policy such as Network Access Control, removable devices policy, and data leakage. Workstation scenario penetration test illustrates the potential impact of having a system stolen or compromised.