Infrastructure Security


Vulnerability Assessment

Our network security experts have rendered hundreds of vulnerability assessment services and have identified thousands of critical vulnerabilities which expose organizations to external and internal attacks. Services include:

  • External network vulnerability assessments
  • Internal network vulnerability assessments
  • Custom services as requested

Vulnerability Assessment is used to identify known vulnerabilities at network, operating system, server and application level. Through Vulnerability assessment of infrastructure assets like servers, network devices, Operating systems etc., we provide an organization overall picture of the vulnerabilities present on their network infrastructure. We extend our services by assisting in vulnerability mitigation and risk management.

Network Penetration Testing

In order to render your network infrastructure “hack-free”, penetration test is a key process. In Network penetration testing, network security expert analyses the network infrastructure or specific assets from the point of view of a malicious hacker and tries to gain unauthorized access to servers, devices, or confidential data and even try to execute actions through elevated privileges.

As per your requirement and criticality of infrastructure, we define the scope of such an engagement into internal/external, black box/grey box or combination of both approaches.If a flaw is discovered which might be exploitable and deep diving is required, explicit permissions are taken prior to further exploration. Assessment reports detail the exploitation techniques employed for your better understanding of the security scenario.Reports detail and prioritize vulnerabilities with overall security risk rating, business impact rating and detailed remediation procedures.

Configuration Audit

ANZEN's technical configuration audit process is highly customized to suit the organization's network infrastructure.

The audit process broadly consists of auditing the perimeter devices, network devices such as firewall, routers, switches, load balancers, IPS, IDS and Server Systems such as Domain Controllers, File Servers, FTP Servers, Email Servers, Proxy Servers, Antivirus Servers and Databases comprising network architecture.

For all In-scope Hosts, ANZEN consultants will analyse various components of identified operating systems using automated tools and manual techniques to identify known vulnerabilities in categories such as:

  • Security Patch Levels
  • File Permissions / Registry Permissions (if applicable)
  • Misconfigurations
  • File Systems
  • Users / groups presents on the system
  • Services running
  • Network Configurations
  • Event Logging
  • Database Configurations
  • Version specific vulnerabilities

The technical audit checks will be selected specific to the devices, servers systems and databases under the scope.

Network Architecture Review

ANZEN network architecture review is a process of thoroughly assessing the network component’s configurations with their placements in the network and network design. Our network security team will observe network from defence in depth strategy to withstand any network attacks. The audit objective is to assist in increasing the security posture of the network.

The Network Architecture Review encompasses following steps:

  • Understanding organization business and the network infrastructure
  • Review network design and deployed network security solutions
  • Device configuration audit
  • Review organization’s security policy
  • Analysis and Reporting

Wireless Security Testing

Wireless Networks are an integral part of organizations network infrastructure and has the exposure to internal/external threats.

ANZEN's wireless security audit methodology is a result of research, proven techniques, advance testing tools and rich experience of our security experts in this area to ensures the maximum coverage over all possible threats from various dimensions.

Several wireless deployments are accessible beyond the acceptable physical premises protecting the infrastructure,which presents unique threats. Attackers can target wireless access points with pre-defined and planned attack strategy.

Wireless security assessment will help in detecting, locating and mitigating the risks posed by the current implementation of wireless network technology by taking a very pragmatic and systematic approach to assess & report the current security posture of wireless networks.

  • Defining Testing Scope
  • Detection of Wireless Access Points as well as Rogue Access Points (if any)
  • War Driving
  • Wireless Network Vulnerability Scanning
  • Vulnerability Identification & Validation
  • Wireless Device Configuration Review & Report