Connect and Go: The usd OrangeBox Makes Preparing for Remote Pentests Easy

April 12, 2024

A penetration test or pentest provides answers to the question of whether attackers can penetrate your IT infrastructure. There are two ways in which our security analysts can carry out a pentest of your systems and applications: on site or remotely.

Remote access is particularly suitable if the IP addresses to be tested are accessible from the Internet, which is the case for websites or online stores, for example. Systems and applications that are not accessible from the Internet have traditionally been tested directly on your premises. However, having our analysts on site is often neither necessary nor the most efficient and practical way to carry out a pentest. A remote pentest, for example with the usd OrangeBox, can cover the same attack scenarios and the same scope of testing as an on-site pentest.

Preparation for remote pentests

For years, we have offered the option of setting up a secure connection between the usd HeroLab's high-security network and the network to be tested via site-to-site VPN. However, setting up site-to-site VPN connections requires specialist personnel and time on your part.

The experts at usd HeroLab have developed the usd OrangeBox to make setting up a secure connection easier and more resource-efficient for you.

The usd OrangeBox is a wonderful addition to existing remote pentesting procedures. It enables the simple and easy establishment of secure site-to-site connections for pentesting with usd.

Markus Ritter, Managing Security Consultant, usd HeroLab

Secure connection via the usd OrangeBox

The usd OrangeBox enables remote pentesting of systems and applications in internal networks with a high level of security and efficiency. It is based on highly reliable and open technologies and is VPN-based. The encryption methods used comply with the recommendations of the German Federal Office for Information Security (BSI). Dedicated firewalls and strict authorizations ensure that only those security analysts who are actively involved in carrying out your pentest have access to the connected networks. In this way, the OrangeBox automatically enables a secure connection between your network and the usd HeroLab's high-security network.

Setting up the usd OrangeBox

[Figure: usd OrangeBox - Hardware]

You will receive the usd OrangeBox from us electronically as a virtual machine or by post as hardware. Connect the OrangeBox to the network to be tested and make sure that it can establish an HTTPS connection (directly or via Internet proxy) to our network. Further access to the Internet or accessibility from the Internet is not required. If this condition is met and the usd OrangeBox has access to the systems to be tested, it automatically establishes an encrypted VPN connection to the usd HeroLab's high-security network.

The usd OrangeBox can be placed in any network and can be adapted to your individual requirements at any time, whether that means covering several locations or connecting to several networks. The VPN connection is terminated as soon as you remove the box from your network or shut down the virtual machine.
