Top
Newest White Papers
Related Tools

Infrastructure Security Services

iSEC Partners has deep expertise in the most complicated infrastructure issues currently facing modern enterprises, including cloud computing security, virtualization security, VOIP security, wireless network security and storage security.

Some of the projects we have undertaken for our clients include:

Network Vulnerability Assessment

  • Assess to understand the risk and threat exposure level from malicious/unauthorized users
  • May be performed on internal or external networks
  • Discover the extent of network exposure to Internet attackers, or malicious insiders
  • Enumerate and exploit vulnerable network services, applications, devices, and operating systems
  • Perform vulnerability analysis and threat exercise to determine possible extent of damage or ease of access
  • Document vulnerabilities, remediation, and root causes of insecurity

Voice-Over IP (VoIP) Security Assessments

  • Analysis of infrastructure configuration and hardening
  • Analysis of phone network interfaces and conference bridge controls
  • Analysis of network based recording and storage

Host and Device Security Services

Improve the security of

  • Operating systems
  • Firewalls
  • Routers/switches
  • VPNs
  • Mainframes (OS/390) and AS/400.

Storage Security Assessments

Security Analysis of SAN/NAS Architecture

  • Authentication (CHAP, DH-CHAP, None)
  • Authorization (WWN, iQNs, UID/GIDs, SIDs)
  • Encryption (Decru/Neoscale vs. Software encryption)
  • Denial of Service (Data destruction and unavailability)

Security testing of SAN/NAS networks

  • iSCSI SAN (CHAP Attacks, iQN Spoofing, SNS Man-in-the-Middle, Domain/iGroup Hopping)
  • NAS (Authentication Attacks, Authorization Bypass, Export/Share enumeration)
  • Fibre Channel SANs (WWN Spoofing, Zone Hopping, DH-CHAP Attacks, LUN Mask Subversion)

Network Access Control - 802.1x

Implementation of 802.1X

  • Server / client implementation weaknesses with fuzzing
  • Authentication/Authorization bypass of 802.1X implementation

Implementation of EAP over TLS

  • Fuzzing EAP over TLS server
  • Fuzzing EAP over TLS client

Testing of the Endpoint solution:

  • Stateless vs. Stateful firewall testing on NAC agents
  • Fuzzing of firewall state by creating hostile servers and clients
  • Middle person attacks on NAC
  • Trusted 3rd party Servers
  • Authentication and authorization bypass for trusted A/V servers
  • Attempt to subvert security checks completed by external modules

 

General Information info@isecpartners.com
San Francisco
123 Mission Street
Suite 1020
San Francisco, CA 94105
Seattle
720 Third Avenue
Suite 2101
Seattle, WA 98104
New York City
225 Varick Street
Suite 301
New York, NY 10014