CYBERSECURITY INCIDENTS ARE ON THE RISE AND ALL ORGANIZATIONS REGARDLESS OF THEIR SIZE, LOCATION, OR INDUSTRY SECTOR ARE BEING TARGETED BY HACKERS FROM AROUND WORLD.
Before targeting any organization, hackers usually look for information about the organization which are available on the internet and accessible to all users. Surprisingly, such information often provides very useful information that hackers can use at a later stage to compromise and gain unauthorized access to the target organization systems and information. Public Discovery Testing is a free of charge service provided by Cloud4C to help organizations understand the level of risks they might be exposed to because of having improper controls over information exposed and published on the internet.
Service ObjectivePublic Discovery Testing is performed to collect personal and/or sensitive data about the company that is publicly available. This information is usually accessible to every internet user. Such information is then tested with the possibility of data theft in mind. In a simple quick way, this activity exposes basic security risks that the organization may be open to from the outside world.
Scope of ServiceThe scope of Public Discovery Testing service is all organization information that is available to public users. This includes but not limited to IP addresses, web address, email addresses, word files, PowerPoint presentation, PDF documents and other information that might be of an interest to hackers.
Process of Public Discovery TestThe Public Discovery Testing is performed through passive collection of data and is entirely non-intrusive. Scans of any kind are not performed and interactions with organization’s systems are very minimal. This test is usually completed with nothing more than the name of organization. All the information is gained through Google searches and other open source intelligence tools.
PrerequisitesName and location of the target organization.
DeliverablesUpon completion of the Public Discovery Testing, a detailed report will be sent to client, including the following:
- Executive Summary :
Summary of the purpose of this assessment, as well as brief explanation of the threats that the organization is exposed to from a business perspective.
- Findings :
A detailed, technical explanation of the findings of the assessment along with steps and proofs of the findings.
- Conclusion & Recommendations:
This section provides nal recommendations and summary of the issues found during the security assessment.
- Executive Summary :
Service delivery timeThe Public Discovery Testing service can be completed in two business days.