Quantum Penetration Testing (QPT)
How does a QPT differ from a regular PT?
A QPT goes beyond a normal vulnerability scan and a regular pen test by focusing on several objectives.
Is a QPT confidential?
Yes, all data derived from a QPT is exempt from disclosure and is NOT public information.
What impact does QPT have on an organization or network being tested?
Virtually, none. The impact is minimal. A QPT does not require any network resources and should not interfere with daily business operations. It does require a minor, temporary reconfiguration of an IDS/IPS to allow QCP access to run tools necessary for the testing.
Will a QPT cause a DOS attack or bring the network down?
No. This is a Quantum penetration test and is not designed to intentionally flood a network with IP traffic, maliciously gain control of computer systems, or cause a loss of control to systems or services. QCP will endeavor not to disrupt services. However, some scanning, probing, and vulnerability assessment tools are aggressive in their actions and may affect the serviceability of poorly configured or overextended systems or services.
How long does a QPT engagement last?
A QPT engagement can last on average four weeks to seven weeks, depending on the complexity and/or size of the network under engagement. The first phase involves scanning the network with various tools to gather a list of responding (live) hosts and enumerate associated vulnerabilities. In the later phases, QCP attempts to leverage the vulnerabilities using advanced techniques in order to exploit the systems.
Why provide QCP with your IP address range?
QCP is legally and ethically bound and authorized to scan only IPs and URLs assigned or hosted by a company, organization or enterprise. The IP address testing range is provided in the SOW (statement of work). The primary goal is to focus on the methods of penetration and provide an enterprise with the best possible vulnerability assessment given the engagement timeframe.
· If your IDS/IPS detects QCP, is the QPT engagement over?
No, but it is an excellent way to test the investment a company has made into an IDS/IPS and to ensure that it is properly configured and working and to test the security posture of your organization.
Why allow QCP past the IDS/IPS?
Trusted source access is required. One of the reasons for this requirement is to mimic real world attacks. For example, the QPT is performed from a limited range of IP addresses over a short period of time, whereas a malicious attacker could attack from multiple IP addresses over any amount of time. So it’s critical to allow testing to continue to gain a true assessment of vulnerabilities within a network.
What types of tools or software does QCP use?
QCP uses commercially available software, shareware, freeware, and tools that are easily available for purchase off the shelf or from the Internet. These are typically the same tools or software used by hackers and malicious users to scan, probe, exploit, and control computer systems. QCP also uses custom-built scripts it creates.
Will QCP help our company mitigate vulnerabilities if we have any?
QCP will contact your enterprise promptly if any CRITICAL risks or vulnerabilities are found that require immediate attention. QCP will provide analysis, descriptions of, and recommendations for protecting against confirmed vulnerabilities but will not mitigate vulnerabilities. QCP will also work with your company to verify that the mitigation and/or remedies are effective.
What kind of QPT deliverable or report will our company receive?
QCP will develop a customized report that provides a summary of activities, vulnerabilities identified, and exploit cases describing how objectives were met. Other deliverables include generated network and web application scan reports and remediation verification reports.
Are we required to mitigate the vulnerabilities detailed in the QPT report?
The statement of work (SOW) includes a requirement to complete and return the provided Remediation Survey to QCP within 60 days of receipt of the final report. This survey confirms that your organization has received the QPT results and has taken a proactive approach to address the discovered issues, including developing a plan to address, mitigate/remediate, or accept the risk of identified vulnerabilities.