Sunday, December 14, 2014

Wireless the Number 1 Vector

If your organization is running wireless we are advising you that this is the number one attack vector. It is recommended that you move to certificate based authentication. In 57 of 60 assessments we are reviewing wireless is by far the easiest vector to gain access to corporate networks. Even if corporate wireless networks are segregated the information sent through these networks may lead to actual compromises of legitimate network resources due to the fact that many devices will still try and authenticate to resources over the network.

When conducting penetration testing we are successful over 95% of the time in gaining credentials over guest networks so just because you think your guest network is not connected to your corporate network you should still be vigilant in monitoring.

No comments:

Post a Comment