Are you safe?
Orhan Sari
Keepnet Labs can provide baseline security analysis of border protection devices such as AntiSpam, Anti-Virus, APT devices and SIEM, so that you can harden their security configurations.
AntiSpam, Anti-Virus, SIEM and APT detection systems are more than plug-and-play systems: you have to update and reconfigure them against next-generation attack vectors. Keepnet tests your border protection devices with next-generation phishing and exploitation techniques and then lets you harden their security configurations. SOC/IR team workflows for “Phishing” and “Malware” cases can be easily integrated with Keepnet.
WorkFlow of security analysis
It’s easy to test systems such as AntiSpam, Anti-Virus and APT devices. We need just a valid credential and an SMTP server address to test them.
Just add your email servers and any valid credential to replay scenarios. This module also tests your email server for important, exploitable vulnerabilities.
Vulnerability and Misconfiguration Scan
This module tests your email servers, anti-spam gateway, antivirus, etc. against 135 different known vulnerabilities and misconfigurations. Keep in mind that we update our signatures day by day …
One of the most harmful attack techniques is the client-side attack. Client-side attacks require user interaction, such as enticing users to click a link, open a document, or otherwise reach a malicious website. There are many different ways of using Keepnet Labs to perform client-side attacks and display the risks.
Attackers, spammers and other bad actors routinely manipulate e-mail headers to attack clients or bypass security systems. This module shows you how your systems could be infected and tells you what your real risks are.
Let it test you …
- Sending email without SPF records
- Sending email without MX records
- Sending email without “Reverse DNS” records
- Sending email from an IP address that is already blacklisted or has a low reputation
- Domain Squatting: we send you email with similar domains of your domains.
- DNSBL Test
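An added example (not Keepnet Labs code) of how a defender might triage test messages that reached the inbox, flagging a non-passing SPF verdict and a lookalike sender domain. The `PROTECTED` list, the function names and the sample messages are constructed for illustration; the SPF verdict is read from the `Authentication-Results` header that the receiving server writes.

```python
import re
from email import message_from_string
from email.utils import parseaddr

PROTECTED = ["example.com"]  # assumption: the organisation's own domains

def edit_distance(a, b):
    # Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def spf_result(msg):
    # SPF verdict recorded by the receiving server; "none" if no verdict is present.
    for value in msg.get_all("Authentication-Results", []):
        match = re.search(r"\bspf=(\w+)", value)
        if match:
            return match.group(1).lower()
    return "none"

def triage(raw):
    # Return the findings for one delivered message (empty list = nothing flagged).
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    findings = []
    if spf_result(msg) != "pass":
        findings.append("spf-not-pass")
    for own in PROTECTED:
        # A sender domain within two edits of a protected domain is treated as a lookalike.
        if domain != own and edit_distance(domain, own) <= 2:
            findings.append("lookalike-of-" + own)
    return findings

# Constructed sample messages, as they might appear in a test inbox.
SAMPLE_SQUAT = ("From: IT Support <helpdesk@examp1e.com>\n"
                "Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=examp1e.com\n"
                "Subject: Password reset\n\nbody\n")
SAMPLE_NOSPF = ("From: billing@partner.test\n"
                "Authentication-Results: mx.example.com; spf=none smtp.mailfrom=partner.test\n"
                "Subject: Invoice\n\nbody\n")
SAMPLE_OK = ("From: bob@example.com\n"
             "Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com\n"
             "Subject: Minutes\n\nbody\n")

if __name__ == "__main__":
    for name, raw in [("squat", SAMPLE_SQUAT), ("nospf", SAMPLE_NOSPF), ("ok", SAMPLE_OK)]:
        print(name, triage(raw))
```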
This module includes known and unknown (such as 0-day) malicious e-mails. Its main purpose is to send malicious e-mails (with attachments such as .pdf, .doc, .xls and .exe files) to your test account(s) and then check whether they arrive in your inbox (security analysis). If they reach your inbox, your security system has failed against them.
- Example of known Cryptolocker’s Email
- Attachments with undetectable malware
- MS Office files with malicious macros
- Malicious PDF Files
Data Loss Prevention Test
Data loss detection, and especially prevention, is of the utmost importance nowadays. This module includes known credit card data examples, different types of username-password scenarios, etc. Additionally, you may create your own test scenarios.
We already log all activities on Keepnet Labs and also send them to your SIEM. This helps your SOC/IR teams take more effective action.
Keepnet Labs helps you create Snort, Suricata, YARA and most popular firewall rules to mitigate vulnerabilities and known phishing techniques. Please feel free to contact us with any questions you may have: email@example.com