Remediation Verification Penetration Testing
What is a Remediation Verification Penetration Test?
Remediation verification testing validates that previously identified vulnerabilities have been successfully remediated, providing independent confirmation that the corrective measures actually prevent exploitation rather than merely that a change was made.
Why should we perform a Remediation Verification Penetration Test?
A penetration test gives an organization the information it needs to know its weaknesses, how to address each vulnerability, and how to drive remediation. How do we know those actions were successfully implemented? Remediation verification testing attempts to reproduce each vulnerability to answer that key question: "did we fix it?" Auditors, regulators, and other third parties regularly seek confirmation that independent verification was performed by someone other than the individual who implemented the fixes, and that a deliverable confirming successful remediation was produced. PCI DSS also requires that network segmentation controls be tested and verified as effective; remediation verification testing covers that requirement as well.
Why should HALOCK perform our Remediation Verification Penetration Test?
HALOCK has the experience to best ensure remediation activities were successful in achieving the intended result of corrective efforts. For over two decades, HALOCK has conducted thousands of successful penetration tests for companies of all sizes, across all industries.
HALOCK’s dedicated penetration test team is highly qualified, possesses advanced certifications, and is equipped with the labs, tools, and methodologies necessary to consistently deliver quality, accurate, detailed, and meaningful results.
HALOCK leverages industry standard methodologies to ensure a thorough and comprehensive test is conducted under safe and controlled conditions. HALOCK’s reports are content rich, regularly stand the scrutiny of regulatory requirements, exceed the expectations of auditors, and frequently receive the praise of our customers. HALOCK does not simply validate automated scans. HALOCK’s expert team discovers vulnerabilities not yet published and often not yet discovered. Exploits are pursued and documented step by step, with screen-capture walkthroughs, to provide both the technical and visual clarity necessary to ensure corrective actions can be prioritized and remediation is effective.
How do I choose which vulnerabilities to verify?
Any vulnerability that has been remediated is verified. An organization’s risk management methodology defines which vulnerabilities require remediation, which are candidates for risk acceptance, and the criteria by which those decisions are made. When preparing for remediation verification testing, the penetration tester verifies every vulnerability in the report unless the organization has indicated that a subset was accepted or is not yet ready for verification.
A Comprehensive Testing Methodology
Penetration testing produces detailed findings, recommendations, and repeatable step-by-step instructions for reproducing each exploit. Remediation verification testing reuses those instructions to determine whether each exploit can still be reproduced, providing independent verification of remediation success. The specific steps vary by exploit, but all follow a common approach:
- Planning and Preparation: Re-establish the test conditions (for example, the access that was required to perform the initial test), determine which vulnerabilities were remediated versus accepted, and arrange the logistics needed to retest each remediated vulnerability.
- Testing: Each documented vulnerability is reviewed, the previous exploit is re-attempted, and, where applicable, variations of the previous exploit or vulnerability check are explored to confirm the fix is not specific to the exact payload originally used.
- Penetration Test Report Revisions: The detailed report is revised to reflect the results, and a summary deliverable is developed for the external audiences to which the organization must report confirmation of remediation.
Following the completion of the remediation verification test, the previously issued report is updated to reflect the retest results. Each vulnerability is updated to state whether remediation was successful. Where additional attention is required, expanded and revised recommendations are appended to the report.
After successful remediation, secondary deliverables intended for external audiences such as auditors, customers, or other interested parties are also developed and issued, allowing the organization to attest that the penetration test was performed, that remediation was successful, and that the result was subjected to independent verification.
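As an added illustration of the testing step above (example code written for this page, not HALOCK's tooling or anything from the original report), the following Python harness replays a finding's original reproduction step, skips findings the organization has risk-accepted, and, when the original payload no longer works, tries the variants a tester would reach for before marking the finding remediated. The three `greet_*` handlers, the finding identifiers `F-1`/`F-2`, and the payloads are constructed for the example; a real retest would issue the recorded HTTP request in place of the handler call.

```python
"""Retest harness for remediation verification (illustrative, constructed example).

A Finding carries the original reproduction step (injection point and payload)
plus the variants to try if the original is blocked. The target is a plain
callable mapping request parameters to a response body so this runs offline.
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable
import html

Target = Callable[[dict[str, str]], str]   # request parameters -> response body


class Status(str, Enum):
    REMEDIATED = "remediated"
    STILL_VULNERABLE = "still vulnerable"               # original exploit reproduces
    VARIANT_VULNERABLE = "variant still exploitable"    # fix only blocks the original payload
    RISK_ACCEPTED = "risk accepted, not retested"


@dataclass
class Finding:
    id: str                       # hypothetical report identifier
    title: str
    param: str                    # injection point from the original report
    payload: str                  # payload that reproduced the issue originally
    variants: list[str] = field(default_factory=list)


@dataclass
class RetestResult:
    finding_id: str
    status: Status
    evidence: list[str]           # step-by-step record for the revised report


def reflected_unescaped(payload: str, body: str) -> bool:
    """Reflected-XSS indicator: the payload appears in the response verbatim,
    i.e. its angle brackets were not HTML-encoded on output."""
    return payload in body


def retest(target: Target, findings: list[Finding], accepted: set[str]) -> list[RetestResult]:
    results = []
    for f in findings:
        if f.id in accepted:                       # client chose risk acceptance: do not retest
            results.append(RetestResult(f.id, Status.RISK_ACCEPTED,
                                        ["excluded by the organization's risk acceptance"]))
            continue
        body = target({f.param: f.payload})        # step 1: repeat the original exploit
        if reflected_unescaped(f.payload, body):
            results.append(RetestResult(f.id, Status.STILL_VULNERABLE,
                                        [f"{f.payload!r} still reflected unescaped: {body!r}"]))
            continue
        evidence = [f"original payload {f.payload!r} no longer reflected"]
        status = Status.REMEDIATED
        for v in f.variants:                       # step 2: explore variations of the exploit
            body = target({f.param: v})
            if reflected_unescaped(v, body):
                evidence.append(f"variant {v!r} reflected unescaped: {body!r}")
                status = Status.VARIANT_VULNERABLE
                break
            evidence.append(f"variant {v!r} blocked")
        results.append(RetestResult(f.id, status, evidence))
    return results


# Constructed handlers standing in for the application before and after the fix.
def greet_original(params: dict[str, str]) -> str:
    """As found during the initial test: raw reflection of user input."""
    return f"<p>Hello {params.get('name', '')}</p>"


def greet_blocklist(params: dict[str, str]) -> str:
    """Partial fix: strips only the literal tag quoted in the report."""
    return f"<p>Hello {params.get('name', '').replace('<script>', '')}</p>"


def greet_escaped(params: dict[str, str]) -> str:
    """Correct fix: contextual output encoding."""
    return f"<p>Hello {html.escape(params.get('name', ''))}</p>"


FINDINGS = [
    Finding("F-1", "Reflected XSS in name parameter", "name",
            "<script>alert(1)</script>",
            variants=["<ScRiPt>alert(1)</ScRiPt>", "<img src=x onerror=alert(1)>"]),
    Finding("F-2", "Reflected XSS in search parameter", "q", "<svg onload=alert(1)>"),
]

if __name__ == "__main__":
    for label, target in [("original", greet_original),
                          ("blocklist fix", greet_blocklist),
                          ("output encoding", greet_escaped)]:
        print(f"== {label} ==")
        for r in retest(target, FINDINGS, accepted={"F-2"}):
            print(r.finding_id, r.status.value)
            for line in r.evidence:
                print("   ", line)
```

Run against the blocklist handler, the original payload is blocked but the case-varied tag is still reflected, so the finding is reported as a variant still exploitable with the exact request recorded as evidence; only the output-encoding handler earns a "remediated" status. The accepted finding is carried in the results with an explicit "not retested" status so the revised report shows it was excluded deliberately rather than missed.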
HALOCK, a trusted penetration testing company headquartered in Schaumburg, IL, near Chicago, advises clients on reasonable information security strategies, risk assessments, third-party risk management (TPRM), penetration testing, security management, architecture reviews, and HIPAA, Privacy, & PCI compliance throughout the US.