Security testing of corporate network

PRODUCT OVERVIEW

The company developed a corporate network to store user and corporate data. The network was also developed as a communication channel for the employees. The company contacted a1qa to ensure the security of the product. Major points were to secure corporate data and protect internal infrastructure from unauthorized access.

PROJECT SCOPE

In the course of the project, the testing was divided into two parts. The passive scanning was performed during business hours, while the active testing phase was organized outside the working hours.

DoS attacks were run during limited and preliminary agreed hours, remote access to the network was provided via the VPN connection.

The QA team was scaled up in order to accelerate the testing procedures. Scripts development for the automation of manual checks was implemented to increase test efficiency.

At the end of the testing period, the specialists created detailed defect reports and elaborated security recommendations.

The project was completed successfully and the client was willing to prolong cooperation. 

SERVICES OFFERED
  • Security testing
TECHNOLOGIES & TOOLS
  • Unix
  • Red Hat Linux
  • Debian
  • Windows Server 2012
  • SQL Server
  • PostgreSQL
  • LDAP
  • SharePoint
  • DNS
  • Snort
  • MySQL
  • Cisco
  • Nmap Project
  • Nessus Vulnerability Scanner
  • Kali Linux
  • Kaspersky Lab
  • Metasploit
  • RSA Security Analytics
  • PortSwigger Web Security
  • Rapid7 Nexpose
  • XSpider
  • OWASP
CHALLENGES AND SOLUTIONS

Incorrectly set-up system:

  • The team analyzed configuration of network devices
  • Specialists checked compliance with manufacturer recommendations
  • a1qa met industrial and international standards.

The production environment was unavailable during business hours:

  • File configuration was analyzed
  • Active network scanning outside working hours was performed.

Non-defined system vulnerabilities:

  • The team ran penetration testing.
QA news and tips delivered right to your inbox
We’ll send you one newsletter a month, jam-packed with amazing QA offers, hottest industry news, and all kinds of Software Testing goodness.