Protect against Wi-Fi vulnerabilities with a Wireless Network Assessment
Secure Network’s Wireless Penetration Test is used to assess a cyber security baseline of the customer’s wireless networks. This assessment will show the customer which attack paths are available to an attacker against customer-owned SSIDs within range of the wireless network. This test includes assessments of WPA-PSK networks as well as WPA-E (802.1x) networks to discover potential weaknesses in the customer’s wireless infrastructure.
Securing Your Wireless Network… How It’s Done
Our team of Security Engineers follow a set of proprietary evolving methodologies, divided into three phases, to traverse your wireless network’s vulnerabilities just like a bad-actor would. We then provide a detailed report to aid in the effective remediation of all security gaps.
3-Phase Approach to Protecting Your Wireless Networks
Step 1: Discovery & Planning Phase
This phase consists of gathering information about the SSIDs that are within scope. This phase will implement wireless sniffing and identification tools to discover which types of security are being used for authentication against the network.
Step 2: Exploitation Phase
The Exploitation phase will begin once the security protocols of the wireless network are discovered. The attacks paths will use a variety of different techniques to assess the baseline security of the wireless network, including rogue access point creation, de-authentication of wireless clients, authentication interception, certificate spoofing, and hash cracking. Once an initial foothold within the network has been gained, SNT will move into the Post-Exploitation phase. This phase combines Reconnaissance and Exploitation phases to determine the likely attack paths of real-world threat actors. Analysis of segmentation, host isolation, and access from within the wireless network be completed.
Step 3: Reporting Phase
The Reporting phase will occur after attack paths and vulnerabilities have been exploited and validated. Reports will consist of relevant attack paths and TTPs that were executed against the customer environment. SNT does not create reports based on vulnerability scanner output or CVSS scores, but instead uses extensive experience and expertise to assign risk to individually exploited vulnerabilities, misconfigurations, and relevant attack paths to give the customer an immediately actionable report. Mitigation techniques are included in details of findings, where applicable, to provide guidance and a starting point to reduce the overall risk to the customer environment.