usd OrangeBox makes remote pentests simple

24. June 2020

Many companies ask themselves whether attackers are able to compromise their IT infrastructure. Pentests provide reliable results to this question and pave the way for increasing the long term IT security.

There are two approaches on how our security analysts can perform the pentest: on-site or remotely. Pentests via remote access are performed if the IP address range is accessible via the internet. That is the case for websites or online shops. Usually, IT security assessments of systems and applications in internal networks are performed on-site.

What if an on-site pentest is not possible, but the systems within the scope are located in the internal network?

For this purpose, usd AG has been offering their customers to use a site-to-site VPN to establish a secure connection between the high-security network of usd HeroLab and the customer’s network for years. However, the setup of the site-to-site VPN requires technical personnel on the customer’s side.

In order to facilitate the setup of a secure connection even more, the security analysts of usd HeroLab have developed a solution: the usd OrangeBox. By using the usd OrangeBox, remote pentests can be performed more efficiently and securely. The solution is based on very reliable and open technologies and operates based on VPNs. In this way, the usd OrangeBox enables an automated and secure connection between the high-security network of usd HeroLab and your network.

As a result, remote pentests using the usd OrangeBox can cover the same scope and attack scenarios as an on-site pentest. This includes questions like: Can privileges of specific user roles be escalated? What are the attack vectors of unauthenticated attackers?

What does that mean in concrete terms?

The usd OrangeBox is available as a virtual appliance or a hardware implementation. It is connected to the network that is supposed to be tested. Only one outgoing HTTPS connection is required (direct or via internet proxy) to the network of usd AG. Further access to the internet or reachability from the internet is not required. If the only condition is fulfilled and the usd OrangeBox is connected to the systems that are supposed to be tested, there are no additional steps required: the box automatically sets up the encrypted VPN connection to the high-security network of usd HeroLab.
Remote pentests meet the highest quality and security standards: Secure and latest authentication methods and encryption functions ensure that your network is only connected to the high-security network of usdHerolab. Dedicated firewalls and strict permissions guarantee that only security analysts actively participating in the pentest have access to the connected network. The VPN connection is terminated as soon as you unplug the hardware or shutdown the virtual machine.

The usd OrangeBox can be put into any kind of network and can be adapted to your individual needs at any time. This can include the connection of multiple locations or multiple networks.

Your advantages at a glance

✓ easy and fast setup

✓ minor risk to your IT infrastructure, since no incoming connections are necessary

✓ reduction of effort and costs

✓ fulfillment of highest quality and security standards

✓ hardware can be delivered by mail and the virtual appliance can be sent digitally

✓ health protection by avoidance of face-to-face contact

✓ no third parties involved

✓ high flexibility regarding different operational scenarios

✓ instant termination of the VPN connection after unplugging/shutting down the usd OrangeBox

Are you interested or do you have any questions? Please contact us. We will be glad to assist you.

Also interesting:

usd PCI Best Practice Workshop 2021

usd PCI Best Practice Workshop 2021

For many years, the usd PCI Best Practice Workshop has brought together responsible PCI personnel from companies of all sizes and from all industries to discuss current topics from the world of payment card industry together with PCI experts from usd. The interactive...

3 Reasons for a Cloud Security Audit

3 Reasons for a Cloud Security Audit

Outsourcing applications and data to the cloud brings significant benefits for companies, but at the same time also new challenges for the corresponding IT departments. The technologies and processes of a cloud environment differ from those of local data centers....

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

During penetration tests our security analysts repeatedly uncover gateways in IT systems and applications that pose significant risks to corporate security. They increasingly identify the same vulnerabilities in different IT assets, some of which have been known for...