Network Security Testing
Applications must be secured but servers come first
According to a research by Shodan, multiple MongoDB databases suffers from security misconfiguration and are entirely exposed unauthenticated to the internet. All of the exposed databases combined account for 684.8 TB of data. What's the point of securing web applications when your database is wide open? Network security testing find vulnerabilities like this.
Servers are the foundation that will incorporate applications for them to run and move the business. If this base isn't secure, the application security doesn't matter. Cyber criminals can always compromise a secure application if the underling server is vulnerable.
Why Are Servers A Target?
- Tons of known vulnerabilities: servers need to expose their services in order to be accessible to the world, e.g., the web server that will deliver the organization's application to the end user. The problem is that many of them may be outdated and vulnerable, and there are tons of known vulnerabilities and exploits (automation software to explore those vulnerabilities) freely available;
- New vulnerabilities get discovered all the time: in a short period of time multiple high impactful vulnerabilities were found, including Heartbleed, Shellshock and Poodle bugs;
- Compromise the server means comprimising the application: the impact of a compromised server surpasses the impact of an compromised application because a server can have multiple applications running within, including databases that may only be exposed to the applications inside the server.
To secure servers you have to simulate what cyber criminals would do and incorporate that in your software development life cycle to make sure that this step won't be left behind before exposing a new network device to the world or to your internal network. The internal network is no paradise either because malware from infected machines may try to attack servers and malicious insider as well. Here's what we recommend:
- Automated Analysis: test all your servers for vulnerabilities using our cloud-based application and server security platform. For internal testing we also have a possibility of using SSH Tunnels or Virtual Scan Appliance to put behind your firewall;
- Manual Server Recipes Review: if you have your infrastructure as a code in server recipes, e.g., using Ansible, Chef or Puppet, we can review them for security checks;
- Application Security Program: no tool can fix a broken process. Secure your entire software development lifecycle by adding security checks in each phase, including network devices security;
- Training for System Engineers: system engineers should be aware of security vulnerabilities and how to push secure servers to production. Few hours of training can save hundreds of vulnerabilities, thus saving time and decreasing the cost of fixing vulnerabilities.