What is the main value of PenTera?
It provides real security validation that supports cost effective validation/remediation. It is the best of both validation techniques.
What are some of it’s main features/benefits? (7)
- It is automated software.
- Performed with in house staff and increases their expertise and knowledge of normal security profile.
- Discovers unknown and exploitable exposures.
- PRovides business impact analysis of vulnerabilities on the actual network.
- Does exactly what a human pentester would do.
- Can cover large networks very very fast.
- Agentless, all thats needed is network access. Very basic memory needs. NVIDIA GPU. No deployment!
What are PenTera’s 4 operation modes?
Advanced Penetration Testing (Black Box)
What If Scenarios (Grey Box)
Single Action
Vulnerability Assessment
What vulnerability scanners does PenTera use?
OpenVAS, which is open source. There are also two others that are looking for exploitable vulnerabilites only.
Tell the European Bank story.
There was a bank in Europe that did pentesting, cost several hundred thousand Euros. Then they went into a remediation period of several months. PenTera came in a week after and did a POC and it took only 15 minutes to get a domain password.
Reason is because in that 4 month remediation , they hired 20 new employees, new credentials, implemented 3rd party sofware. It cause each one of those mistakes. So thats the value of being continuous.
What is PenTera’s #1 rule?
Do no harm. Providesa safe and controlled process, constant revalidation. System can request that a user approve an exploitation or not.
What is the MITRE framework?
A framework that describes the entire hacking cycle from inital penetration through internal cycle and all the way to extracting data from the orgazniation. All attacks are described by MITRE framework. Our reporting shows integration into this.
How does PenTera work?
Automated Pentesting wheel, the algorythm of the attack pursuit.
- Network Recon, gathering info and intelligence. Who are the active players, what are the IPs, OS, devices, whatever informaiton. Just to understand who or what are we attacking.
- Vulnerability Assessment, low hanging fruit, the things that get you instant code execution. Also Unauthenticated information disclosure.
- Sniffing Credentials.
- Cracking passwords
- Relay, trying attacking across different hosts with same information, user privilages etc, all without ever knowing an original password.
- Malware injection.
- Lateral Movement, once you get ahold of a host or server, you can then get a whole bunch of stuff. To leverage it, you want to move laterally. Maybe then get to a domain controller.
- Privilage escallation.
