Firewalls Penetration Testing for a US Consumer Reporting Agency
Customer
The Customer is a US licensed consumer reporting agency. They are a nationwide provider of pre-employment screening services, including criminal records and credit history checks.
Challenge
The Customer exposed two public IP addresses, each fronted by an outward-facing hardware firewall. The Customer turned to ScienceSoft as a penetration testing provider to assess the security of the firewalls' configuration and identify potential vulnerabilities.
Solution
ScienceSoft's security testing team performed black box penetration testing of the Customer's firewalls, simulating a real attacker with limited knowledge of the network beyond the two public IP addresses. The engagement was referenced against the Open Web Application Security Project (OWASP) Top 10. Since the OWASP Top 10 is a list of web application risks rather than a network testing procedure, the firewall assessment itself relied on the scanning and fingerprinting techniques and tools listed under Technologies and Tools.
The security engineers’ main tasks were the following:
- Bypassing the firewalls.
- Attempting to identify the services running behind the firewalls.
ScienceSoft's security testing team fingerprinted the firewall hardware with about 90% confidence and managed to get probe traffic past the firewalls' filtering far enough to detect several Transmission Control Protocol (TCP) ports behind them. No exploitable vulnerabilities were found in the course of the penetration testing.
Although several TCP ports were detected, the firewalls did not leak enough information for the security engineers to reliably identify the particular services listening on those ports.
The report provided by ScienceSoft's security testing team to the Customer contained the list of detected TCP ports and a description of how the Customer's firewalls behaved under each type of probe used during penetration testing.
Results
ScienceSoft's security testing team rated the security level of the Customer's hardware firewalls as high. The Customer received a detailed description of the work performed during black box penetration testing, together with the characteristics of how the tested firewalls behaved.
Technologies and Tools
Metasploit, Nessus, Nmap, Tor