Platform Vulnerability Assessment
What is a Platform Vulnerability Assessment?
A Platform Vulnerability Assessment is a service that diagnoses whether vulnerabilities exist in network devices, servers, operating systems, middleware, and other components, and checks if there are any issues with their configurations.
Examples of vulnerabilities that can be assessed include network devices such as VPN equipment, web servers using Apache or Nginx, databases like MySQL or PostgreSQL, and email servers using Postfix.
These devices, systems, and middleware are used worldwide, and new vulnerabilities are discovered daily. Therefore, proper version management and addressing vulnerabilities are necessary. Our assessment provides "① Assessment → ② Report → ③ Reassessment (Optional)" and supports the customer until they can operate their system with confidence.
Reassessment services (optional) are available after the initial assessment. We believe that it is essential to verify that appropriate actions have been taken to address any discovered vulnerabilities.
What We can Assess
・Network Devices (VPN equipment, routers, switches, etc.)
・Various Servers (Windows, Linux, BSD, etc.)
・Client Devices (Windows, Linux, Mac, BSD, etc.)
Assessment Methods
Customers can choose between remote and on-site assessments, depending on their needs. Hybrid assessments are also available.
Remote Assessment
The assessment is performed via the internet from our designated assessment network, evaluating the platforms remotely.
On-Site Assessment
Our engineers will visit the customer's office or data center and assess the platforms from within the customer's internal network.
Service Flow
1
Inquiry
Please contact us via our inquiry form or by phone.
2
Estimate
Based on your inquiry, we will provide an estimate.
3
Contract
After confirming the estimate, we will proceed with the contract.
4
Pre-Assessment Preparation
We will conduct a hearing with the customer and set up any necessary equipment or environments for the assessment.
5
Assessment Execution
We will perform the vulnerability assessment either remotely or on-site.
6
Report Meeting
We will explain the vulnerabilities discovered and the recommended remediation actions based on the assessment results.
7
Reassessment (Optional)
We will check if the discovered vulnerabilities have been properly addressed.
Assessment Items
This assessment service not only evaluates vulnerabilities based on CVSS scores but also investigates other factors such as EPSS (Exploitability Probability), KEV (whether the vulnerability has been exploited in past cyberattacks), and whether exploit code has been made public.
L2/L3 Scans
| Inspection Item | Overview |
| ARP Scan | Use ARP requests to inspect which devices are present on the target device or within the target network. |
| ICMP Scan | Use ICMP echo requests to inspect which devices are present on the target device or within the target network. |
Port Scans
| Inspection Item | Overview |
| TCP Scan | Scan TCP ports to identify open TCP ports. The scanning speed and target ports can be flexibly adjusted based on customer requirements. |
| UDP Scan | Scan UDP ports to identify open UDP ports. The scanning speed and target ports can be flexibly adjusted based on customer requirements. |
Detection of Network Devices, OS, and Running Services
| Inspection Item | Overview |
| Detection and Identification of Network Devices | Analyze scan results to detect network devices and determine version information. |
| OS Identification and Version Detection | Analyze scan results to identify the OS and its version on target devices. |
| Detection and Identification of Running Services | Analyze scan results to identify public services and determine their version information. |
Investigation of Running Services
| Inspection Item | Overview |
| VPN Investigation | Detect VPNs in use and check if they are configured securely. |
| DNS Investigation | Inspect whether DNS is functioning as an open resolver or if zone transfers are being conducted properly. |
| HTTP/HTTPS Investigation | Inspect whether SSL/TLS encryption is properly configured and check if unnecessary directories or files are accessible. |
| Email Service Investigation | Inspect whether open relay settings are enabled or if VRFY/EXPN commands are accepted. |
| SNMP Investigation | Check if community names are set to "public" or "private," and whether system information can be retrieved using SNMP. |
| File Sharing Service Investigation | Inspect if anonymous users are allowed to connect, and whether files can be viewed or extracted. |
| Remote Access Service Investigation | Inspect the availability of remote access services such as Telnet, SSH, RDP, and WinRM. |
| Database Service Investigation | Check whether external access to databases is possible. |
| Other Service Investigations | Investigate other detected services using appropriate methods. |
Detection of Vulnerabilities in OS and Services
| Inspection Item | Overview |
| OS Version Vulnerability Detection | Investigate known vulnerabilities based on the identified OS version. |
| Service Version Vulnerability Detection | Investigate known vulnerabilities based on the identified service version. |
認証に関わる調査
| Inspection Item | Overview |
| Hardcoded Credentials | Inspect whether authentication information or credentials are hardcoded in externally accessible data or files. |
| Login Attempts | Attempt to log in to login forms or remote access services using default credentials or a list of commonly used passwords to identify weak authentication settings. |
Credential Scan (Optional)
Credential scanning is a service where the customer provides login information for the target system’s operating system in advance. This information is used to log into the system and diagnose vulnerabilities, including program and package information installed inside the system.
The assessment will be conducted using our proprietary product, MUSHIKAGO.
Reports
The assessment results will be provided in an easy-to-understand format. It will primarily consist of an executive summary, a detailed breakdown of the findings, and recommended actions.
Tools Used in This Assessment
This service uses a combination of manual and automated diagnostic tools to detect vulnerabilities from various angles.
Engineer Certifications
Our engineers possess high skills and extensive experience, including certifications such as:
・Information Security Management Specialist
・Offsec Certifications (OSCP, etc.)
・PortSwigger Certifications (BSCP, etc.)
Pricing
We offer discounted rates when performing a platform assessment in addition to the web application assessment. For more details, please contact us.
Inquiries About the Service
Feel free to contact us with any questions about the service.