Offensive Security was contracted by MegaCorp One to conduct a penetration test in order to determine its exposure to a targeted attack. All activities were conducted in a manner that simulated a malicious actor engaged in a targeted attack against MegaCorp One with the goals of:
- Identifying if a remote attacker could penetrate MegaCorp One’s defenses
- Determining the impact of a security breach on:
- Confidentiality of the company’s private data
- Internal infrastructure and availability of MegaCorp One’s information systems
Efforts were placed on the identification and exploitation of security weaknesses that could allow a remote attacker to gain unauthorized access to organizational data. The attacks were conducted with the level of access that a general Internet user would have. The assessment was conducted in accordance with the recommendations outlined in NIST SP 800-1151 with all tests and actions being
conducted under controlled conditions.
Views: 0