Workstation Pentest

Prevent attacks on your company network via your employees' workstations

Workstation Pentest

Prevent attacks on your company network via your employees' workstations

Many attacks on company networks begin with the compromise of a single end device, e.g. a company notebook. An employee inadvertently clicks on a phishing email that installs malware on their device. The attacker can then try to gain administrator rights on the device or use the device as a starting point for further attacks on the internal network, bypassing the network perimeter defenses.

Defending against such complex, multi-stage attacks requires a holistic defense that ranges from a backup strategy and employee training to the secure configuration of systems and applications. Securing company notebooks is an important part of this.

The likelihood of employees clicking on a phishing email can be reduced with training, but not reduced to zero. However, a well-secured company notebook makes it much more difficult for attackers to increase their own rights on the company notebook or to use the device as a starting point for further attacks.

Common Vulnerabilities Include:

  • Vulnerabilities in third-party software
  • Insecure configuration of the operating system
  • Weak access rights in the file system
  • Access data readable for every user

What Is Our Approach to Workstation Pentests?

We carry out pentests using a standardized methodology, which is expanded to include specific elements for pentests of company notebooks:

Our security analysts start the test with a regular employee account and try to extend their authorizations on the device from there. To do this, they apply system-specific procedures for Microsoft Windows and Linux. In addition, regardless of the operating system used, a comprehensive picture of the installed third-party software and the current version of the components is recorded.

This software is examined for known vulnerabilities, misconfigurations and insecure interactions with the operating system. Finally, the hardening measures available on the workstation are examined and compared with current best practices.
More about our methodology

What Checks Are Included in Workstation Pentests?

The following checks are carried out during workstation pentesting:
  • Checking the hard disk encryption
  • Analysis of scheduled tasks and cronjobs
  • Checks for insecurely set file permissions
  • Search for locally stored access data
  • Write access to services that are executed with higher rights
  • Investigations of highly privileged processes that use user-controlled resources
  • Checking the configured hardening mechanisms
  • Analysis of network service
  • Checking the hard disk encryption
  • Analysis of scheduled tasks and cronjobs
  • Checks for insecurely set file permissions
  • Search for locally stored access data
  • Write access to services that are executed with higher rights
  • Investigations of highly privileged processes that use user-controlled resources
  • Checking the configured hardening mechanisms
  • Analysis of network service

Our Tip: Security Audits

Optionally, we conduct a security audit that takes into account recognized IT security standards, best practices and the benchmarks of the Center for Internet Security (CIS). We derive risks from the identified vulnerabilities and typical security gaps and show you ways to sustainably improve your company's security.
Learn more

More Insights

Pentest:
Your benefits at a glance

Learn more

Contact

 

Please contact us with any questions or queries.

 

Phone: +49 6102 8631-190
Email: sales@usd.de
PGP Key
S/MIME
Contact Form

 

Daniel Heyne
usd Team Lead Sales,
Security Consultant Pentest, OSCP, OSCE