Case Studies > Strengthening Password Security with Leaders in Healthcare

Strengthening Password Security with Leaders in Healthcare

Wireless Penetration Testing Case Study

About The Client

The client is an IT solutions provider that offers computer hardware, software, and consulting to their clients.

Wireless Penetration Test

Objectives

The primary objective of the Wireless Penetration Test was to identify weaknesses in the authentication of clients to access points, the individual access point’s ability to segment guests from corporate networks, and test the overall configuration of the wireless access points. Testing was performed in the context of an unknown external threat actor, as well as a malicious user with access. Six SSIDs were identified as “in-scope” for the engagement.

Findings

Testing was performed on the strength of passwords used for access, network segmentation, cryptographic implementations, and the ability of the network to prevent the construction of rogue access points. Though the network configuration was robust, it was still possible to create rogue access points and use this access point in an attempt to hijack a wireless device’s connection. As a result, RedTeam Security provided the client with recommendations to ensure the improved security and integrity of the client’s network, associated environment, and intellectual properties.

Key Takeaways

After the engagement, the client was able to take recommendations outlined in their report and begin remediation efforts to improve their security. Every engagement with RedTeam Security provides clients with:

The primary objective of the Web Application Penetration Test was to identify common vulnerabilities, such as those in the OWASP Top 10. The scope of the test involved testing the client’s application which lived in a test instance of production.

A clear understanding of the effectiveness of their existing information security program, training, monitoring, and system updating to keep things current.
How well their vendors manage the security posture of networks and web applications (for those with a 3rd party IT vendor).
A statement of assurance to provide to their customers that they are doing everything they should to keep their data and systems secure.
Outlined areas of focus for improving their overall security posture.

All identifying information has been changed to protect our clients and ensure absolute confidentiality.

Company

Healthcare Leader in the Upper Midwest

Headquarters

United States

Industry

Healthcare

Services Received

Wireless Penetration Testing

More Case Studies

Hear What Our Clients Are Saying

“Saint Paul College hired Red Team consultants to perform Web Applications vulnerability scanning and assessment. It was one of best group of people I worked with – from beginning to the end. Everyone I worked with was extremely cooperative, friendly, professional, and knowledgeable. They…”

-Najam Saeed, CIO, Saint Paul College, Saint Paul, MN

“I hired RedTeam to do both a Network Penetration test and a Social Engineering test on my organization. From start to finish in building our relationship and contract plan all the way through the execution of both of our tests they were helpful, insightful, proactive in reaching out to me, and…”

-Trevor Keller

“Contacted RedTeam to do a penetration test. I was very impressed with their ability to perform, not only from a vulnerability analysis, but true “Pen” test to identify REAL risks. Was very impressed with their highly skilled people and resources.”

-Donald Schleede

Let’s Get Started

Whether you are just starting your security journey or looking to take testing to the next level, securing your business is what we do, and we look forward to working with you.