Laptop & Workstation Penetration Testing & Build Audit
The Threat: Laptop Security Risks
How do you answer these questions?
- How secure are your laptops and mobile devices?
- Who is deploying these devices on your corporate network?
- What sensitive information are your staff carrying around with them?
- What if one of your laptops got into the wrong hands?
The Solution: A Laptop Penetration Test & Build Audit
Laptop Penetration Testing Methodology
Our laptop testing services are conducted by skilled professionals using the latest tools, best practice
and our own proprietary testing techniques.
- Conduct an authenticated audit of the laptop build.
- Assess client patch levels of both manufacturer and third-party software, applicable zero day
vulnerabilities and assess client security controls to determine compliance with good security practice.
- "Break out testing": Develop attack vectors that utilise any weaknesses in the client
build and identified targets. This will demonstrate how an attacker can gain access to sensitive
data or systems. We will not conduct attacks against production systems but will show how an attacker could
conduct an attack.
- Attempt to subvert the laptop operating system at boot time.
- Attempt to boot into an alternative operating system in order to gain access to data on the laptop's hard drive.
- Attempt to 'crack' or reset local Windows or system user account passwords.
- Attempt to access protected information stored in crypto containers, by analysing the hibernation file.
- Attempt a 'cold boot' attack to retrieve encryption keys from memory.
- Examine whether the encryption policy can be subverted.
- If the laptop has FireWire, Thunderbolt, ExpressCard or PC Card interfaces, we will attempt FireWire
physical memory manipulation.
|We can also conduct:
|Workstation Security Testing:
||conducted on site against a sample of
workstations of your choosing. We attempt to circumvent local access controls to simulate an attack by an unauthorised user such as a visitor
or cleaner. We also conduct a full audit of the workstation build, using credentials you provide us. We investigate what a typical user can do and whether
your security controls are truly effective. This exercise will assist you in improving your build standard, policies and procedures.
|Apple Mac Security Testing:
||do you think your Macs are secure just because
they're not running Windows? Do you have a department that primarily uses Macs? Our experts can also conduct penetration testing
and audit specific to Macs
|Policies & Procedures:
||We can provide assistance with policies, standards and
guidelines for standard build, deployment and use.
At First Base Technologies we pride ourselves in being with you every step of the way in securing your devices from attack.
You can read our FAQ on penetration testing and vulnerability analysis here
See what our clients say about us here
+44 (0)1273 45 45 25