Client-Side Penetration Testing


Your network perimeter is broader than you think..

Your network perimeter is no longer delimited by your Firewall. Organizations often have in place different layers of protection to safeguard their Internet facing systems; however, employees on the internal network are constantly exposed to threats caused by a myriad of security vulnerabilities in client side software when browsing the web or reading email. The successful exploitation of these issues can give external attackers immediate access to your internal network and confidential information, effectively bypassing traditional network perimeter security measures. For this reason, it is nowadays fundamental to evaluate the security stance of the client side software installed on your employees workstations and determine whether they are following security best practices.

Amplia Security can help you identify security vulnerabilities present in client side software installed on your organization's workstations and detect users insecure behavior. We will provide advice on how to remediate issues found, determine the current security stance of the workstations and users analyzed and give you overall recommendations.

Key benefits:

    arrow Identify security vulnerabilities in client side software installed on your employees workstations
    arrow Determine if employees are following security best practices to prevent client-side attacks (e.g.: Spear Phishing attacks)
    arrow Test Endpoint Security solutions
    arrow Understand the contextualized risk posed by issues found and the impact of security violations
    arrow Learn your overall security posture and how it can affect your business
    arrow Raise risk and security awareness
    arrow Receive detailed recommendations on how to solve issues found, mitigate identified risks and improve the overall security stance of your network


About Our Methodology


Penetration Testing is the most efficient way to accurately identify security vulnerabilities. It is a method used to evaluate the security of a network, web application, web service, and any other software system or device by using the techniques a hacker would use in a safe and controlled manner.

Amplia Security Penetration Testing Methodology is the result of over 20 years of experience. We focus on manual testing of the systems which allows for the detection of logic flaws and complex vulnerabilities aided by the use of automated tools to provide the best results in a time efficient manner.

Tasks performed during a Penetrarion Test include:

    arrow Information gathering
    arrow Vulnerability assessment
    arrow Information Analysis
    arrow Exploitation
    arrow Reporting

Checks performed include and go beyond the following:

    arrow Determine information exposure; discovery of email addresses and other information used to profile targets and create directed spear phishing attacks
    arrow Identification and exploitation of vulnerabilities present in client side software such as browsers, email clients, media players, PDF readers, etc.
    arrow Security misconfigurations in client side software
    arrow Proper control of inbound and outbound network traffic

Our methodology is aimed at finding known and also previously unknown vulnerabilities using different techniques including reverse engineering, instrumentation, manual fault injection, automated fuzzing, creation of custom tools and proof-of-concept code.

if you want more information about our services, need a quotation, or have any other question, please email us at info@ampliasecurity.com.