Attack Simulation Services

Typical Timeline of Initial Test: 2 Weeks
Scheduling Kickoff: Within 1 to 2 weeks after ROE is signed
Remediation Retest Policy: Free within 30 days of initial report delivery

• Once the client has financed the project GoVanguard will provide the client with a Rules of Engagement (ROE) document that outlines the scope of the tested client information systems, project assumptions and GoVanguard’s commitment to our client’s information systems’ Confidentiality, Integrity and Availability (CIA).
• For any network penetration testing against a client’s internal information systems, GoVanguard will either ship or deliver in-person GoVanguard’s network scanning appliance.
• GoVanguard’s network penetration testing typically takes place in a 24×7 format over the course of 2 weeks. Special attention is provided to ensure client information system CIA remains unaffected throughout the project.
• After the first network penetration test is completed GoVanguard will present the report findings with the client and discuss the remediation recommendations provided in the report.
• After the 30 day remediation period, GoVanguard will perform rescanning of the same information systems to validate if previous risks were indeed remediated.
• GoVanguard will then present and provide the client with a post risk mitigation network penetration test report.

• Phone Call and Email Pretexting
  • Pretexting is the act of creating and using an invented scenario (the pretext) to engage a target in a way that increases the chance that the target will divulge information or take an action that is most often not in the target’s best interest.

• Targeted Email Spear Phishing
  • Spear phishing is an email phishing attack targeting specific individuals or groups of individuals using information gathered on an individual or company, in order to create a realistic email that relates specifically to their work environment or personal life.
• Email Spoofing
  • Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source.  The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.
• Website Phishing
  • A phishing website is a web page made to fraudulently imitate a legitimate website. Typically, a phishing website only consists of a login page, where victims of a phishing email are directed in order to harvest their credentials, after which they are forwarded to the legitimate website to avoid arousing suspicion.
• Domain Typo-Squatting
  • Domain typo-squatting refers to the practice of buying and using a website domain that is very similar to a legitimate website, but with subtle typographical differences such as replacing O’s with 0’s or utilizing slightly misspelled words. This technique is often used in conjunction with phishing.
• Employee Impersonation
  • Employee impersonation is the process of fraudulently presenting oneself as a company employee or trusted vendor by utilizing fake props such as uniforms or badges, and by providing insider information such as employee names and details pertinent to the company.
• In Person Wireless Cracking
  • In person wireless cracking is the practice of defeating the security of a wireless local area network by hovering outside a company office or building and exploiting poor Wi-Fi configurations and/or weak authentication pre-shared keys (PSKs).
• USB Storage Malware
  • USB storage malware involves the creation and installation of a malware payload onto a USB storage device, so that upon inserting the device into a computer, the malware is either automatically executed or executed by an unsuspecting employee on the target computer.
• USB Keyboard Emulation and Malicious Code Injection
  • USB keyboard emulation and malicious code injection is like a USB storage malware attack, with the primary difference being that upon inserting this USB device into a target machine the USB device imitates a keyboard rather than appearing as a storage device. It then delivers a series of keyboard commands that executes malicious code to the target computer. The ability to emulate a keyboard allows the USB device to bypass common IT security controls that prevent typical USB storage devices from being accessible on company computers.
• Corporate Data Exfiltration
  • Corporate data exfiltration is the act of unauthorized transportation of sensitive company data from a corporate network environment into the possession of a malicious actor (external to the company) for later analysis and use.
• Network Backdoor Device Installation
  • Network backdoor installation involves the installation of a physical “leave behind” device that is connected to a corporate network. The network backdoor device allows for remote access to the corporate network and the interception/manipulation of wired corporate network traffic.