About the Client
Neeyamo is a global organization that is spread across 190 countries, providing the best HRO solutions. Neeyamo is a 100% employee-owned organization with opportunities provided to its employees.
The Challenge
Network Penetration Testing
Neeyamo's head office located in Chennai which was facing some network challenges. They had to undergo a network security audit from a cybersecurity company. Indian Cyber Security Solutions was asked to perform a white box network security audit on its internal office network. Indian Cyber Security Solutions audit the network security in their three different location office (Madurai, Chennai, and Pune). The challenge to the network security audit team of Indian Cyber Security Solutions was to perform the entire audit process within 7 working days.
The Solution
Indian Cyber Security Solutions was ready to perform the Network based penetration testing on their internal office network security, ISO 27001 lead auditor and network engineers were assigned to take up this challenge.
The security assessment steps are as follows:
Stage 1:
The Scope of work was defined by the client (Neeyamo). The internal office network architecture and the layout of the network were share with Indian Cyber Security Solutions. NDA (Non-Disclosure-Agreement) was signed between both the parties.
Stage 2: Risk Management & Mitigation
Their windows operating system was not up to date. Some Zero-day vulnerabilities were founded by Indian Cyber Security Solutions in which MS17-010, MS15-034 was the major and high priority vulnerabilities by which the attacker can control their system through remote code execution. Some other medium vulnerability was also found.
Stage 3: Rectification as per suggestion
The 3rd stage which is the most important stage of the project as the client was suggested the rectification from Indian Cyber Security Solutions and the client had to patch up vulnerabilities as per the suggestion. Neeyamo were asked to update their Windows operating system into the latest version. As per the suggestion after the network security audit conducted by Indian Cyber Security Solutions. Neeyamo were able to update their system as per the suggestion mentioned by Indian Cyber Security Solutions team.
Stage 4: Final Assessment and VAPT project submission
At the end of the working day, the Neeyamo network system administrator had already updated the operating system suggested by the Indian Cyber Security Solutions team. The final stage of vulnerabilities assessment had begun as the Indian Cyber Security Solutions team members had started retesting the network architecture as mentioned in the scope of work to find out all the vulnerabilities which were found previously and the network system administrators were able to update their operating system. Indian Cyber Security Solutions team was able to generate the VAPT report and had handed over the document to the client (Neeyamo) along with the certificate.
The Deliverable
The customized reports were provided to the Client as per their requirements the details are mentioned below:
The Benefits
The benefits are discussed below by conducting thorough security tests and identifying the vulnerabilities: