• +44 (0)1273 454525
  • Call us
  • info@firstbase.co.uk
  • Email

Laptop & Workstation Penetration Testing & Build Audit

The Threat: Laptop Security Risks

  • How secure are your laptops and mobile devices?
  • Who is deploying these devices on your corporate network?
  • What sensitive information are your staff carrying around with them?
  • What if one of your laptops got into the wrong hands?

How do you answer these questions?

The Solution: A Laptop Penetration Test & Build Audit

Laptop Penetration Testing Methodology

Our laptop testing services are conducted by skilled professionals using the latest tools, best practice and our own proprietary testing techniques.

  • Conduct an authenticated audit of the laptop build.
  • Assess client patch levels of both manufacturer and third-party software, applicable zero day vulnerabilities and assess client security controls to determine compliance with good security practice.
  • “Break out testing”: Develop attack vectors that utilise any weaknesses in the client build and identified targets. This will demonstrate how an attacker can gain access to sensitive data or systems. We will not conduct attacks against production systems but will show how an attacker could conduct an attack.
  • Attempt to subvert the laptop operating system at boot time.
  • Attempt to boot into an alternative operating system in order to gain access to data on the laptop’s hard drive.
  • Attempt to ‘crack’ or reset local Windows or system user account passwords.
  • Attempt to access protected information stored in crypto containers, by analysing the hibernation file.
  • Attempt a ‘cold boot’ attack to retrieve encryption keys from memory.
  • Examine whether the encryption policy can be subverted.
  • If the laptop has FireWire, Thunderbolt, ExpressCard or PC Card interfaces, we will attempt FireWire physical memory manipulation.

We can also conduct:

Workstation Security Testing Conducted on site against a sample of workstations of your choosing. We attempt to circumvent local access controls to simulate an attack by an unauthorised user such as a visitor or cleaner. We also conduct a full audit of the workstation build, using credentials you provide us. We investigate what a typical user can do and whether your security controls are truly effective. This exercise will assist you in improving your build standard, policies and procedures.
Apple Mac Security TestingDo you think your Macs are secure just because they're not running Windows? Do you have a department that primarily uses Macs? Our experts can also conduct penetration testing and audit specific to Macs.
Policies & ProceduresWe can provide assistance with policies, standards and guidelines for standard build, deployment and use.

Contact us for more information

Call us on +44 (0)1273 454525 or use our enquiry form

You can read our FAQ on penetration testing and vulnerability analysis here

See what our clients say about us here