
Cybersecurity Testing: Our Approach

Akimbo Core specialise in Cybersecurity Testing.

We aim to address the weaknesses in the traditional approach to security testing. Because companies rely on approaches that lead to a long mean-time-to-detection and that don’t take the whole organisational context into account, we wanted to do something different.

That’s why we take a platform-first approach to security and continuous security testing.

Cybersecurity Testing

When it comes to locking down systems, there's a lot to keep track of and it's easy to miss something. Plus, with so many different options, from Vulnerability Scanning to Penetration Testing, it can be difficult to know which approach is best for achieving your goals. Our cybersecurity testing service can give you confidence in your security stance, and we'll work with your team to tailor our approach to what you're trying to achieve. Here are some examples of systems we assess:

Web Applications

With many companies now relying heavily on web and mobile applications, the impact of a security vulnerability in one of these systems can be devastating. We offer testing for web technologies, covering everything from simple public brochure websites to complex web applications and Application Programming Interfaces (APIs).

Cloud Security

With so many companies moving workloads to major cloud platforms such as Azure and AWS, it's important to keep on top of your cloud security. We offer cybersecurity testing against cloud-hosted applications and infrastructure, as well as the cloud configuration itself.

Infrastructure

Whether you're looking to secure an on-prem internal network or your external infrastructure services, such as email and file sharing, we can perform security testing of your systems.

Build Reviews

Staff leaving laptops unlocked over lunch or unattended on trains. What's the worst that can happen? We can review device builds to ensure they are secured against local vulnerabilities such as privilege escalation and that staff members can only access the resources they're authorised to.

Continuous Security Testing

If you're looking for a security testing methodology that allows your assets to be continuously tested for weaknesses, we offer a Continuous Security Testing service. We use Penetration Testing techniques to continuously assess your external risk profile, alerting you to changes on your attack surface or the threat landscape. We combine this with bespoke automation to strike a balance between frequency and depth of testing.


Our Vulnerability Management Platform

Keeping track of all the information relating to your organisation’s security stance can be difficult, and securely sharing and discussing that information with your team and external partners can be frustrating. Our vulnerability management platform is a powerful and flexible web platform that allows you to do just that.

The platform allows you to create, import, and manage information about assets and their security vulnerabilities easily from any device. It can also notify you when a team member or an external security provider publishes a new vulnerability on your systems, so that you’re informed quickly about developments.

Whether you’re using an Akimbo Core security testing service, a third-party service, or handling everything internally, our platform is designed to be easy to use and secure, with multi-factor authentication on login, transport layer security to protect everything in transit, and a granular permissions model to control who can view or edit things.

Our Solution

Reporting

Our platform-first approach to security reporting gives you a continuously updated view of your organisation's security stance. If you’re using our continuous security testing service, we continuously update your organisation's risk via our web platform, showing the work conducted, new issues found, and where you should focus your attention for maximum effect.

You can view vulnerabilities as soon as they are confirmed. You can communicate directly with the testing team, such as to request additional information or to request a retest of a remediated issue. You can view a high-level report of the state of your systems, ideal for management meetings - or you can drill down into the technical detail needed to remediate a complex issue.

 


Notifications

With new security issues being found constantly, it's difficult to keep track of them all or get any other work done.

That's why we've set our platform up with configurable notifications, so that you can tell us what "critical" means to your business, and we'll make sure to alert you to those issues without overloading you about minor details.

The Workflow

There's no "I" in team, so we've developed our platform to work well with teams of any size.

You can assign vulnerabilities to specific staff for remediation, message team members to discuss issues, and securely share issue details with those in your organisation that need to know.

Granular access control allows you to share just the information you need with the people that need to see it, with group permissions simplifying the whole thing. For example, you could give the management team an overview dashboard, your tech team all of the details to fix things, and your auditors read-only access to track compliance activities.

 


Knowledge Base

Some vulnerabilities are easy to fix, perhaps just a quick configuration change or a software update to install. Sadly, software vendors don't always get it right and sometimes vulnerability remediation can be painful.

To simplify the process of hardening your systems, we have a knowledge base of common hardening actions and articles covering the "how, what, and why" of system hardening, from modern approaches to password security to the depths of group policy options.


Continuous Security Testing

The Problem

Many organisations utilise penetration testing to find, and remediate, security vulnerabilities within their internet-facing systems. Traditional cybersecurity approaches such as penetration testing are often conducted annually, but that is not in line with the way that systems and applications are developed. Regular changes and updates can introduce risks faster than those methods can detect.

Modern organisations are constantly at risk from cybercriminals. Keeping everything up-to-date and locked down is a fundamental part of cybersecurity - but issues may be missed and risk may unintentionally be introduced to your systems. To ensure that these problems can be found and fixed quickly, it's critical that your security stance is constantly tested.

Our Solution

We use penetration testing techniques to continuously assess your external risk profile, alerting you to changes on your attack surface or the threat landscape.

Akimbo Core offers “Always-on” Security Testing. This is a modern approach to cybersecurity that offers the benefits of penetration testing but is more effective and constantly active. We apply human intelligence to the complex parts and develop application-specific automation for the repetitive tasks.

This allows us to test far more frequently, and much more efficiently and effectively, when compared to traditional penetration testing.

We provide information about your security stance through an online platform, available 24/7, that allows you to view the security testing that's taking place, see your organisation's current level of risk, and gain assistance in remediating discovered security issues.


State of the Union

A dashboard shows the current security stance of your organisation, including outstanding issues as well as the on-going security testing work conducted.

Attack Surface Monitoring

New systems are highlighted within the dashboard to ensure they're not missed from the testing scope.

Vulnerability Alerts

High risk issues cause vulnerability alerts so you don't miss critical vulnerabilities or weaknesses. These can be configured to your desired threshold.


Continuous Asset Monitoring

The Problem

Many organisations focus their attention on perimeter security. However, with the potential for targeted phishing attacks, insider threats, and a remote workforce, the idea of relying on a strong perimeter is outdated.

Organisations need to make sure that their assets are protected from attack from all angles, including when staff are working remotely, or from home.

Our Solution

There is more to cyber defence than strong perimeters. We track your assets to ensure they are hardened against attacks.

Our asset monitoring systems continuously monitor your systems to ensure they are hardened against attack. They track vendor support and offer actionable guidance to mitigate the risk of known vulnerabilities and to prevent exploitation.

All of your organisational assets are tracked within our dashboard allowing you to monitor their status and remediation over time.

Best Practice or Compliance

Whether you’re looking to track and harden your assets for best practice or for compliance reasons, our system can monitor your systems against the security requirements of your choice.

Each asset has a health bar that shows you how close it is to your compliance goal.


Looking to learn more about Cybersecurity?

ScotSoft: Building and Breaking Web Applications

On October 7th I had the pleasure of speaking at ScotSoft 2021 about Penetration Testing and breaking Web Applications. I've included my slides from the presentation and some speaker notes on the content covered here.


What is Penetration Testing?

Penetration Testing, often abbreviated to PenTesting, is a method of testing the security of a system through attempting to discover and actively exploit vulnerabilities within the system. It is amongst the most effective methods of determining the actual risk posed by a system. This is due to the fact that the risk of present vulnerabilities is not estimated but they are exploited to determine how much leverage they would offer an attacker.


HTML5: Cross Domain Messaging (PostMessage) Vulnerabilities

HTML5 PostMessages (also known as Web Messaging or Cross Domain Messaging) is a method of passing arbitrary data between domains. However, if not implemented correctly, it can lead to sensitive information disclosure or cross-site scripting vulnerabilities, as it leaves origin validation up to the developer!

HTML5: Cross Origin Resource Sharing (CORS) Vulnerabilities

So by default SOP won’t allow bi-directional communications between two separate origins; however, as applications scale up there may be a requirement to allow this kind of thing. Think of companies such as Google, who also own YouTube, or Microsoft, who also own Outlook and Skype. They may well want inter-origin communications.

An Introduction to PenTesting Azure

I recently wrote an introduction to PenTesting an AWS Environment. A sensible place to start, given that I included that in Q1 of 2018 Amazon holds a 33% market share in cloud whereas Microsoft only holds 13%. However, I did want to add a few notes that are specific to PenTesting within Azure environments here.

Many of the concepts are the same; however, in my AWS article I broke the perspective a penetration tester could take of a cloud environment down into testing “on the cloud”, “in the cloud”, and “testing the cloud console.” That concept remains the same, which is:

Spoofing Packets and DNS Exfiltration

Following a successful penetration test, you may have large amounts of data to exfiltrate from an environment specifically hardened to make it difficult to exfiltrate data. For example, the network might have a firewall that explicitly blocks common exfiltration methods, such as SSH, HTTPS, and HTTP.

It is common that you can still exfiltrate data from these networks by using DNS. For example, you could make a request to a domain name that you control where the subdomain contains some information to be exfiltrated, such as sensitive-data-here.attacker.example.com. DNS is a recursive system, such that if you send this request to a local DNS server, it will forward it on and on until it reaches the authoritative server. If you control the authoritative server, you can simply read the sensitive data from the DNS logs.