About the Client
Cambridge Technology is an Indian Non-Government Company. It's a private company and is classified as 'company limited by shares'.
The Challenge
Network Penetration Testing
Cambridge Technology was facing Network-based Security Challenge. They had to undergo a NetworkPenetration Testing to secure their network. OurPenetration Tester was asked to take up the challenge and secure the network by undergoing NetworkPenetration Testing.
The Solution
Indian Cyber Security Solutions was ready to perform the Network-basedPenetration Testing on their website. ISO 27001 lead auditor and NetworkPenetration Tester were assigned to take up this challenge. The project was to be done in 4 stages and to be delivered within 15 working days.
The project was done in the following steps:
Stage 1:
The scope of work was defined by the client (Cambridge Technology). The layout of the Network was shared with Indian Cyber Security Solutions. NDA documents (Non-Disclosure-Agreement) signed between both the parties.
Stage 2:
The 2nd Stage of risk management and mitigation has started, evaluating the key assets involved in the network such as firewalls, IDS, IPS, routers and others. Few High, Medium, Low & Info level vulnerabilities were found by Indian Cyber Security Solutions such as 'VPN Login compromised with Weak Password Policy ‘,'Multiple outdated plugins detected', etc.
Stage 3: Rectification as per suggestion
The 3rd stage which is the most important stage of the project as the client was suggested the rectification from Indian Cyber Security Solutions and the client had to patch up vulnerabilities as per the suggestion. The Cambridge Technology Web Developers were able to find out solutions as per the suggestion mentioned by the Indian Cyber Security Solutions team.
Stage 4: Final Assessment and VAPT project submission
At the end of the 16th working day, Cambridge Technology Web Developers had already patched the high, medium, low and info level vulnerabilities found by the Indian Cyber Security Solutions team. The final stage of vulnerabilities assessment had begun as the Indian Cyber Security Solutions team members had started retesting the IP Addresses as mentioned in the scope of work to find out all the high, medium, low and info level vulnerabilities which were found previously and were patched and no high, medium, low and info level vulnerabilities prevail. Indian Cyber Security Solutions team was able to generate the VAPT report and handed over the document to the client along with the certificate. Indian Cyber Security Solutions team had again achieved and completed the assigned task within the stipulated time. Indian Cyber Security Solutions team had again shown high-quality professionalism by meeting up the deadlines and living up to customer's expectations.
The Deliverable
The customized reports were provided to the Client as per their requirements the details are mentioned below:
The Benefits
The benefits are discussed below by conducting thorough security tests and identifying the vulnerabilities: