Frequently Asked Questions

Cyber Security Testing

Cyber security testing is the umbrella term for practices that involve testing the security of computer systems, networks, programs, and software applications. It is a vital practice to confirm that a certain standard of withstanding cyber-attacks (hacking) is met.

Nowadays a large majority of cyber-attacks are fully automated, sweeping across the entirety of the public internet. No distinction is made based on the size or the value of the targets hit. Any component of company infrastructure accessible on the public internet is exposed to attacks, including systems allowing remote access for employees in home offices, or cloud-based applications. Without proper cyber security testing, personal information, intellectual property, or financial data may be at risk of complete loss or disclosure.

  • Vulnerability scanning
    Vulnerability scanning is the process of scanning a computer, application, or network for security weaknesses using automated programs, tools, and manual methods.
  • Penetration testing
    A penetration test is an audit of computer systems, applications, or networks in order to identify security vulnerabilities and assess their severity and potential impact.
  • Risk assessment
    Risk assessment determines the likelihood, possible consequences, and corresponding costs associated with security breaches of components or infrastructure. The aim is to help identify the most critical parts of a system when it comes to security, in order to implement the right strategy according to the most relevant threats.
  • Ethical hacking
    Ethical hacking covers the practice of looking for security vulnerabilities in computer systems with prior authorization, or of reporting any issues found to their legitimate vendor or author, in a process called "responsible disclosure". Security researchers practicing ethical hacking are also called "white hat hackers", as opposed to malicious actors, who are called "black hat hackers". Bugshell only collaborates with ethical hackers.
  • Responsible Disclosure
    Responsible disclosure is the process of reporting security issues to the author or vendor of a product or infrastructure affected by the vulnerability. This typically involves the identification and authentication of the contact to reach, the establishment of a confidential communications channel, the communication of the details about the vulnerability, and agreement on a grace period during which these details are kept secret. Finally, once the vulnerability is addressed or the grace period expires, the details about the vulnerability may be communicated publicly, so that anyone possibly affected by the vulnerability can perform assessments and take action as required. This is in contrast to full disclosure, where the details about vulnerabilities may be deliberately made public without consideration of whether a fix or possible mitigation exists.
  • Red teaming
    Red teaming is a form of penetration testing where the parties responsible for the development or monitoring of the targets of the simulated attack are not informed ahead of the assessment. This may also involve alternative means of intrusion, such as social engineering. The objective of red teaming is to more closely reflect the resistance and processes in place within the targeted environment when confronted with a real attack.
  • Social engineering
    Social engineering focuses on the human factor in information security. During a social engineering attempt an attacker tries to gain access to digital infrastructure, confidential information, or personal data using methods such as intimidation, faking authority, or gaining trust. Such attacks are performed constantly by scammers, for instance through phishing.
  • Phishing
    Phishing is a form of scam, where typically e-mail messages resembling official communication are sent on behalf of the targets to unsuspecting victims. Any recipient deceived by the message may then provide the attackers with privileged information, like passport details, or with access to valuable resources, such as their credentials to online banking platforms.

A vulnerability in cyber security is a weakness in a computer, application, or network that can be exploited by an outside threat to compromise security.

The pricing of a penetration test mostly derives from the time spent and the experts involved. Typically, the costs are calculated using a daily rate. The following three factors give a good grasp of a project's cost assessment:
  • Specific vs General – The more specifically the target of a penetration test is defined, the easier it is to estimate the time and effort spent.
  • Standard vs Custom – Certain penetration tests are more common than others. This means that processes can be partially automated, significantly reducing costs.
  • Easy vs Difficult – Depending on the difficulty of a project, a client's request can only be met by working with the best-in-class thought leaders in a specific area of penetration testing, resulting in a higher hourly rate.
If you are interested in what the pricing of your project would look like, feel free to contact us.

Penetration testing is safe if done correctly. Bugshell ensures that the highest level of experts work on a project and all standards of procedure are met. We at bugshell only work with verified European security experts. Our mission control team (MC) acts as a quality control body between our experts & clients.

Penetration testing reports do not follow any officially defined standardized guideline. A report should, however, contain all the necessary information initially discussed in the project scope of the pre-engagement phase, roughly following this structure:
  • Executive Summary
  • Technical Risk Analysis
  • Vulnerability Assessment
  • Recommendation
Bugshell regards the penetration test report as one of the most critical aspects of the penetration test. Only a well-structured, understandable, and consistent report can properly explain why vulnerabilities need to be fixed and how to fix them. For this reason, bugshell combines automated reporting tools, experienced pentesters, and a mission control team (MC) to ensure the highest quality of results.

Penetration Testing Basics

In contrast to a mostly defensive approach in cyber security testing, penetration tests examine an organization's cyber security from the viewpoint of an attacker. While firewalls and security scanning & assessment are certainly important, penetration testing goes in-depth into finding vulnerabilities. For this reason, penetration testing is essential to guarantee high standards of security.

Penetration testing consists of six stages:
  • Pre-Engagement
    During the first stage of penetration testing, the expectations are set. This includes the description of the process, the timeline, objectives, and legal implications. Defining the project’s scope is of vital importance to avoid false alarms or interference with the integrity of the client’s IT infrastructure.
  • Reconnaissance
    After the initial scope of the project has been defined, bugshell’s mission control team (MC) & pentester network will start gathering as much publicly available information (OSINT) about our client as possible to identify potential targets to exploit. During this stage it is not uncommon for the scope of the project to adapt to newly identified security risks. Depending on the type of penetration test requested, this phase can be partially avoided or rather extensive.
  • Threat Modeling & Vulnerability Identification
    In the third phase, the information gathered during the reconnaissance stage is combined with insights on the target computer system such as ports, services, hosts, and more. In this stage most of the automated scanning is applied, potential weaknesses are identified, and the exploitation strategy is defined.
  • Exploitation
    With all the necessary knowledge at hand, the penetration test begins targeting various potential entry points. Several exploit tactics are used to assess how specifically to break into a computer system. This step is very similar to what an attacker would do; however, in a penetration test the vulnerabilities are only identified and not actually abused.
  • Post-Exploitation
    During the post-exploitation phase, the findings are analyzed. With the help of bugshell, our penetration testers will assess how easily exploits can be abused and how severe the impact on the company running the system would be. Factors such as access to critical assets, number of compromised systems, and loopholes are categorized and evaluated. At this stage the penetration testers also describe their approach exactly, collect evidence, and make sure that the system is as they initially found it.
  • Reporting
    As the details of bugshell’s reporting standard and potential customizations have been discussed with the client in the pre-engagement phase, our MC team will create a detailed report on all the items identified in the prior phases. Unlike other penetration testing companies, bugshell uses automated reporting tools as well as experienced pentesters to create a standardized report. This system ensures that the penetration testers in our network can concentrate on their actual penetration testing expertise.

Penetration testing can be done with 3 different methods:
  • White Box Method – Penetration testers operate with full background knowledge of the target. This knowledge helps penetration testers to specifically pinpoint issues; however, it does not realistically simulate an attack scenario.
  • Grey Box Method – Penetration testers are partially informed & instructed on the target, which helps to reduce the overall project costs while still simulating an outside attack.
  • Black Box Method – Penetration testers have no knowledge of their target. This is the closest resemblance to an outside attack but takes more time & lacks efficiency.

To get a penetration test, you first have to request a test on the bugshell platform. Our MC team will contact you and inform you about the requirements and details needed to set your penetration test in motion. This includes, for example, agreeing on specific security standards and defining the scope of the project. For more information, see the penetration testing methods and penetration testing stages.

In the beginning, the scope, target, timeline, and method of the penetration test are defined. Typically, the penetration test is done in a series of simulated attacks. The penetration test itself is separated into 6 different stages. During the penetration test the client can decide how frequently a status update should occur.

A penetration test provides insights into the security of a target during the time it takes place. While it is a good one-time indicator of the security of a system, a penetration test can’t guarantee that this status will be upheld. This is mostly due to the fact that systems are constantly changing. For this reason, recurring tests are highly recommended. Depending on how actively a platform, system, or app is developed, a penetration test should be repeated.

Typically, vulnerabilities are identified by penetration testers in four simple steps:
  • Scouting the resources (capabilities & assets) of a target
  • Sorting the importance of all the identified resources by rank
  • Identifying vulnerabilities of each resource
  • Evaluating the vulnerabilities based on severity & impact
As the assessment of such vulnerabilities is often not consistent, the bugshell mission control team supports penetration testers throughout the process.