Device Penetration Test
Service Overview
The objective in a Device Penetration Test is to demonstrate if and/or how weaknesses in the device's hardware and/or software can be leveraged to compromise the device. Testing includes exploitation of vulnerabilities, username and password discovery, communication weaknesses, and hardware design flaws. The goal is to prove the "chain is only as strong as the weakest link" concept and discover security flaws not identified by vulnerability assessments.
Service Methodology
Secureworks employs a multi-phase approach to device penetration testing, based on our internally developed methodology that is derived from industry best practices and our extensive experience. We collaborate with you to determine in-scope and out-of-scope targets.
Open Network Services Enumeration and Exploitation
Secureworks will interrogate available network services to determine additional information about Customer's network that could lead to compromise. Information gathered will be leveraged in attempts to compromise the target device(s). Examples of techniques used include but are not limited to the following:
- Web servers: default usernames and passwords, file upload vulnerabilities
- Brute forcing of password-protected network services
- Authentication bypass of vulnerable network services
- Exploiting outdated and/or vulnerable services using public exploits
- Identifying and exploiting network backdoors
Network and Wireless Communications
Secureworks will attempt to identify data leakage and/or compromise vectors by monitoring and manipulating device communications. Communication channels include the following: wired Ethernet, 802.11 wireless, Zigbee/Z-Wave, CAN bus, serial, etc. Techniques include but are not limited to the following:
- Passive monitoring
- Man-in-the-Middle packet sniffing
- Encryption downgrade attacks
- Authentication capture
Physical/Hardware
Secureworks will attempt to identify vulnerabilities in the physical design and hardware of the device(s) that can be used to compromise the device(s). Techniques include but are not limited to the following:
- Tamper detection bypass
- Direct Memory Access via PCIe, Thunderbolt, USB3, etc.
- Debug and Programming exploitation: JTAG, UART, SPI, ICSP, etc.
- Direct storage attacks
Firmware
- Should Secureworks obtain access to firmware during testing, firmware will be reverse engineered to inform additional attacks.
Remote Retest
Secureworks will conduct one (1) remediation validation ("RV") for only the high- and critical-severity findings listed in the final report. After primary test completion, Customer has ninety (90) days in which to remediate issues, schedule the RV, and have Secureworks perform the RV. Customer must submit the RV request through email to the Secureworks point of contact for the assessment within thirty (30) days of delivery of the final report or the RV is forfeited.
Note: Secureworks only conducts RVs remotely, regardless of whether the assessment was conducted on-site.
Scoping Information
Scope | Description |
---|---|
Device Penetration Test - Small | Testing performed on one (1) device. |