Firewalls for a US Consumer Reporting Agency
Firewalls for a US Consumer Reporting Agency
Customer
The Customer is a US licensed consumer reporting agency. They are a nationwide provider of pre-employment screening services, including criminal records, and credit history check.
J.F.Benzamin
/ Group Chief Executive Officer – Consumer Reporting Agency
Datazo Infotech’s security testing team performed penetration testing of the firewalls for a US licensed consumer reporting agency. The security engineers managed to bypass the firewalls and made attempts to identify the services running behind them.
| Tags | basic |
| Share |
Requirements
Our solution
The Customer had two IP addresses with outward-facing hardware firewalls.
Advancements in technology – Datazo Infotech's security testing team performed penetration testing of the Customer’s firewalls according to the black box model (simulating the actions of a real attacker with limited knowledge of the network). The security check was performed based on the Open Web Application Security Project (OWASP) Top 10 methodology.
The security engineers’ main tasks were the following:
Bypassing the firewalls.
Attempting to identify the services running behind the firewalls.
The security engineers’ main tasks were the following:
Bypassing the firewalls.
Attempting to identify the services running behind the firewalls.
The Customer turned to Datazo Infotech to get penetration testing of these firewalls to check their configuration security level and find out if there were any vulnerabilities to eliminate.
Market development –Datazo Infotech's security testing team identified the types of firewall hardware the Customer had with the accuracy of 90% and managed to bypass them. No vulnerabilities were revealed by Datazo Infotech's security engineers in the course of penetration testing.
The security engineers detected several Transmission Control Protocol (TCP) ports. Nevertheless, the Customer’s firewalls ensured a sufficient level of security not to let the security engineers accurately identify the particular types of services running behind the firewalls.
The report provided by Datazo Infotech's security testing team to the Customer contained the list of detected TCP ports, as well as the characteristics of how the Customer’s firewalls behaved during penetration testing.
The security engineers detected several Transmission Control Protocol (TCP) ports. Nevertheless, the Customer’s firewalls ensured a sufficient level of security not to let the security engineers accurately identify the particular types of services running behind the firewalls.
The report provided by Datazo Infotech's security testing team to the Customer contained the list of detected TCP ports, as well as the characteristics of how the Customer’s firewalls behaved during penetration testing.
Results:
Datazo Infotech’s security testing team provided the Customer with the evaluation of the security level of their hardware firewalls as “high”. The Customer got the detailed description of what was done in the course of black box penetration testing. The security engineers also provided the Customer with the characteristics of the ways the tested firewalls behaved.
Technologies and Tools : Metasploit, Nessus, Nmap, Tor
Testimonials
Virtual technology in a Refined IT System
E-commerce Development
Clement Connor, COO at SMARTBOOST
Web Development
Fahim Iqbal, CEO at App Maisters Inc
Mobile App Development
Jeanne Morgan, Senior Brand Manager at Brand Mellow
Software Development
Wendi Sturgis, CEO at Cleverbridge
Mobile App Development
Elie Wahnoun, Founder and CEO at Courimo
Web Development
Tom Hardy, Manager at Sparx IT Solutions Pvt Ltd
Blockchain Custom Software Development | E-Commerce Development | Mobile App Development | Web Development
Khoren J, Operation Supervisor, Bonum Home Health & Hospice
Custom Software Development | Mobile App Development
Christian Kortlang, Land & Development Manager, Marston Properties Ltd
Custom Software Development
Justine Bergeron, Communication & Project Manager, Delta Drone
