Network security and web application scanning

The ESKOM network security and web application scanning service is designed for companies and institutions interested in a one-off or periodic verification of their IT infrastructure security and, as a result, an improvement in that security.


A specialist, comprehensive IT audit performed by competent engineers from outside your company can effectively detect any weak points in the security of your IT environment and, at the same time, indicate measures and solutions for eliminating them.

The post-audit report on performed works will include:

  • report on identified vulnerabilities,
  • recommended actions that should be performed in order to address the identified vulnerabilities.

Comprehensive tele-information audit - modules

The level of network and web application security can be determined in two ways: as a comprehensive tele-information audit performed once, or as ongoing, periodic infrastructure tests performed under a permanent cooperation contract. The latter option is especially recommended when your service is available on the Internet, and the possibility of automating the whole process allows ESKOM to offer attractive financial conditions.
The proposed IT audit is divided into three groups of actions performed in the scope of separate modules. Each of them can be performed separately, but they can also be combined in virtually any configuration which, if necessary, can be supplemented with additional actions, for example when a detected vulnerability should additionally be analysed manually.

Particular modules consist of:

  • Automated external network services scanning - professional software enables the engineers to identify the addresses and domain names that the client uses on the Internet and the services running on them. External scanning detects all information on particular services that can be obtained externally.
  • Automated internal network services scanning - includes identification of the addresses used in your internal networks and the services running on them. Experts collect all information that can be obtained by internal scanning.
  • Automated network and application scanning - testing of operating systems and selected applications (e.g. web applications, database servers, etc.). Potential vulnerabilities are identified as a result of the tests performed (e.g. invalid software packages). The actions can concern both systems in the internal network and systems located externally.
  • Manual verification of systems and applications - automatic scans can fail to detect important configuration and installation problems, especially in the case of systems with a specific or rare configuration. Manual scanning performed by experts allows for detection and presentation of potential problems or failures.
  • Penetration tests of applications and systems - engineers use the detected vulnerabilities in an attempt to break the security of your infrastructure. As part of the work, performed in the test or production environment, new tools will be developed or existing tools will be modified in order to break the tele-information security. The purpose of this work is to determine how the analysed vulnerability could be used.

Audit costs and technical requirements

Depending on the scope of work, some conditions have to be met to allow ESKOM engineers to fully perform their audit services within particular modules. In particular, experts would like the client to:

  • enable the use of professional tools in their tele-information network by launching the virtual server provided by ESKOM in their virtual infrastructure, or by allowing an expert to connect a laptop to the local network when the audit is conducted on site,
  • allow remote access to the virtual server launched for the needs of the audit,
  • share all configuration parameters necessary for audit performance,
  • allow scripts that collect information on server and application configuration to be run, after accepting their contents,
  • perform appropriate network re-configuration to allow maximum use of the applied specialist software.

The best way to make configuration parameters available is to grant access to a system account with appropriate permissions. Work performed under the Client’s supervision is not a problem; in addition, work that needs to be performed within the organisation's IT structure can be performed at its premises. The analytical work will then be performed outside it.