ProCheckUp

Contact Form

External Internet Discovery

External Internet discovery consultancy determines the external presence of your organisation, and whether there are any applications or services which are unknown to the organisation. As part of a scheduled service, external discovery alerts you when there are changes to your Internet perimeter and cloud presence?

Benefits of discovery consultancy include:

Clearer asset management via the discovery service
Better preparation for any new threats or risks to systems identified, following a discovery consultancy.
Validates the IT change management process.

ProCheckUp utilises a standard engagement model for all external Internet discovery engagements using a robust, holistic approach consisting of three phases as defined below: -

Identify

This phase uses OSINT and online tools, to determine the organisations externally exposed networks/IP ranges. domain names and sub domain names in use.

OSINT Tools like DNSTWIST and URLCRAZY are used to enumerate domain variations of supplied domain names and identify registered domains which could be used in phishing attacks against the organisation.

Public certificate registration records, and OSINT DNS brute forcing tools will be used to determine any sub domain names in use within the organisation.

Using regional internet registry whois lookups, combined with IP addresses associated with enumerated domain names it then becomes possible to determine IP address ranges allocated/associated with the organisation.

Classify

This phase determines the services running and a vulnerability assessment performed, on the identified IP addresses, and domain names. The helps classify the potential damage caused to the organisation, by any applications or services which are unknown

Report

On completion, we will provide you with a report showing externally exposed networks/IP ranges. domain names and sub domain names in use. As well as any domain names registered which might be used to attack the organisation.

Additionally, a full vulnerability report will be produced on the identified IP addresses, and domain names

The report creates a basis for a risk assessment.

Please contact us for more information on how ProCheckUp External Internet Discovery Services can help you.

Security Audit

Application Testing

Breakout testing

BUILD REVIEWS

Cloud and Virtualisation Testing

Confirmation - request a call back

Laptop and Mobile Device Security Reviews

Device Testing/IOT testing

Infrastructure Testing

IOT Testing

Mobile application Testing

NCSC IT Health Checks

Penetration Testing

Processes

Red Teaming

Social Engineering

Technical Assurance

Vulnerability Assessment

Wireless Testing

Wireless Testing New

Security Risk

Architecture Security Review

Data Discovery

External Internet Discovery

Internal Network Discovery/Mapping

Mergers and Acquisitions

Onsite/Remote Security Manager

Open Source Intelligence Gathering

Physical Security Audit

Segmentation Testing

Onsite/Remote Security Manager (CISO)

Training And Knowledge Transfer

Forensic First Responder (FFR)

Compliance & Advisory

CREST STAR Assessments

Cyber Essentials Plus

GDPR

ISO 27001

PCI DSS ASV Scanning

PCI Data Security Standards

PCI FAQ

PCI DSS QSA Consultancy

PECR

PSN Compliance (ITHC) Testing

Training Services

Incident Response

Breach Impact Assessments

edisclosure / eDiscovery

Expert Witness

Forensics

Forensics Readiness Plan

Gold Teaming

Incident Response

Intrusion Analysis

Malware Reverse Engineering

Technical Services Counter Measures (TSCM)

External Internet Discovery

External Internet Discovery

Need Help?

Our Services

Security Audit

Security Risk

Training And Knowledge Transfer

Compliance & Advisory

Incident Response

Keep up to date!

ACCREDITATIONS

Read ProCheckUp’s 'GDPR Bytes' article

BSides London conference 2016