Our pentest approach

The aim of a pentest is to assess the level of security of a defined target, by concrete testing that reproduces the conditions of a real cyberattack.


We use our expertise in attack techniques to identify the technical, logical and human vulnerabilities of your information systems. Exploiting the security flaws we find lets us determine the real risk of each situation, so that it can be reduced quickly and efficiently.
A penetration test is a made-to-measure service, because the attacks are designed according to the functional and technical architecture of the target.

Pentest in brief

Ethical hacking: testing your systems within a highly professional framework.

Manual tests: our tools are effective, but our value lies in our know-how.

An operational result: very detailed audit reports that can be acted on directly.

An ultra-specialized team: a team entirely dedicated to pentests, located in France, with no subcontracting of our assignments.


Our range of pentests

We cover a wide technical scope, with specific tests for each type of target.

The exact scope of the pentest is defined either directly according to your security priorities, or after a reconnaissance audit phase that identifies the parts most at risk from an attacker's viewpoint.

Types of security audits

Black box audit

A black box pentest tests the security of your platform or your system when it is faced with external attacks.

This means that the client's staff gives the pentesters no information (or virtually none, depending on the case), in order to simulate as closely as possible the conditions of an external attack. The pentester approaches the target from the viewpoint of a remote, unknown attacker, not that of a malicious client or employee.

This type of audit provides an external assessment that can be compared with the viewpoint of the people in charge of internal security.

It is possible to perform this type of black box penetration test without informing the staff responsible for detecting attacks, in order to observe the company’s ability to detect an attack and to react appropriately.

Grey box audit

A grey box pentest performs tests in greater depth than a black box pentest, with information provided by the client to the pentesters.

This may include allowing the pentester to have access to a target that is not publicly accessible or to user accounts on a platform with limited public access, or giving the pentester documentation on how the audit target works.

For a pentest of B2B software, the most common case is to run grey box tests that check the separation between the different access levels granted to the solution's users.

A grey box security audit can also focus the tests on a functional scope defined by the client, for example the most recently released components, or features the client suspects are particularly vulnerable. Thanks to exchanges between the respective teams, the pentesters start the audit with a better understanding of the context.

White box audit

A white box audit takes the analysis even further, with access to the maximum amount of technical information.

This means that the client transparently provides the elements that are useful for the security audit: architecture documents, administrator access to a server, access to the source code of an application, etc.

A white box audit is not strictly speaking a pentest, since the auditor does not specifically approach the target from the viewpoint of an attacker. It is a more advanced security analysis than a pentest, aimed at understanding where the security issues originate.

This type of white box analysis also makes it possible to detect vulnerabilities that are not visible during a pentest but that nonetheless increase the target's exposure to risk.

Security certificate and seals of approval

Security audit certificates and seals of approval increase the visibility of your security audit approach for your clients and partners.

Vaadata offers several types of seals of approval, according to the level of pentest performed: standard pentest, exhaustive pentest, recurring pentest or social engineering pentest.
The seals of approval can be displayed online, either on a public website or in a private space.

Vaadata also offers a security audit certificate after an exhaustive pentest of a Web platform, a mobile application or a connected object.

This is a private certificate which certifies that a pentest has been performed by a trusted third party. The certificate specifies the level of security reached on the date when it is issued.

Our pentest methodology


Our methodology is based on standards established by the international cybersecurity community, notably including the OWASP.

Every security audit follows a cyclical process in four stages: Reconnaissance, Mapping, Discovery, Exploitation.

The tests combine manual searches with automated tools (commercial tools, open-source tools and tools developed in-house). Combining the two approaches lets us use the power of automation to increase the pentest's efficiency and effectiveness, while human analysis lets us discover vulnerabilities that tools cannot detect, such as logic flaws, and assess the impact of detected vulnerabilities by carrying out the exploitation phase.

Exploitation consists of taking advantage of the identified security flaws, just as a malicious person could. In this way, certain security flaws serve as "pivots" for discovering other, more critical vulnerabilities.

The deliverable of a security audit is a comprehensive report detailing the identified vulnerabilities, how they can be exploited, and the corrections that need to be implemented. The initial audit can be complemented by a validation phase that checks that all the flaws have been corrected.

Focus on the pentest tools

The choice of tools depends on the target of the pentest. Here are some examples:

For a Web application pentest:
  • Interception proxy (example: Burp)
  • Security flaw scanner (example: sqlmap)
  • Various scripts specific to each technology (examples: WPScan, Drupscan)
For an internal network pentest:
  • Port & services scanner (example: Nmap)
  • Security flaw scanner (example: Metasploit)
  • Traffic interception tool (examples: Bettercap, Responder)
  • Network analysis (example: Wireshark)
For a reconnaissance audit:
  • Search engine (example: Google)
  • DNS enumeration tool (examples: Subfinder, Amass)

How can we define the scope of a pentest?

The scope or perimeter of a pentest is the target that will be subjected to attacks. It can be defined precisely or left open, according to the objectives and priorities of the audit.

For example, a black box pentest of an information system will target the elements of the information system discovered by the pentesters during the reconnaissance phase.

A grey box pentest of a Web platform will target all the features of the application, or only certain specific features, depending on the chosen objective.

The purpose of the audit may stem from an external constraint or requirement: for example, obtaining a certification, a request from a business partner, or responding to a security incident.

In other cases, the purpose of the audit can be defined following a risk analysis or a reconnaissance audit to identify the company's attack surface.

During the exchanges prior to a security audit, we can advise you on the scope of the pentest by examining the different elements of your context.

Why put in place recurring penetration tests?

Vaadata offers "one-shot" security audits as well as recurring security audits at regular intervals.

The recommended frequency of pentests depends on the target itself: its level of exposure to risk, the criticality of those risks, the pace of new releases, external constraints related to a certification or to users' security requirements, etc.

Recurring audits support an organization in gradually improving its security level. The scope of the penetration tests is adjusted or expanded at each session, in order to progressively test different types of threats and different parts of the information system.

Our annual subscription provides genuine ongoing support, with a dedicated technical contact who can advise you on the content of each pentest session as your security issues evolve.

Recurring pentests can be complemented by technical consultancy or by training, in order to maximize our response to your specific issues and transfer expertise to your teams.
